simpsonitos.blog/episodio/los-simpson-2x2/
301 Moved Permanently 0 B URL HTTP/1.1 simpsonitos.blog/episodio/los-simpson-2x2/
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /episodio/los-simpson-2x2/ HTTP/1.1
Host: simpsonitos.blog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Fri, 03 Feb 2023 04:49:13 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Fri, 03 Feb 2023 05:49:13 GMT
Location: https://simpsonitos.blog/episodio/los-simpson-2x2/
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TsOubaiHzuBWKsmGu%2BT5yIlbKnpO4shq%2B85l%2BZiuTFr18lUtwP82ZeU9Ri4VCzlLFk9SWdX8LyVGCVm3YnqDDsr9C3w2W7gBc6AuZa%2F%2BWw9IzZVfdWJZG%2BHfPYM2Z%2F7aacad"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
Server: cloudflare
CF-RAY: 793889ebd829b4f7-OSL
alt-svc: h2=":443"; ma=60
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash d4e95d0d8982bcd07804baf6fc88231c
5027abda0875bd2529dd4d6691784c74da71a9ee
373799b5749d2cb08b5721699a3e4c6b94b0d41604ac07d4ef7179e47dabc71f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "373799B5749D2CB08B5721699A3E4C6B94B0D41604AC07D4EF7179E47DABC71F"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11441
Expires: Fri, 03 Feb 2023 07:59:54 GMT
Date: Fri, 03 Feb 2023 04:49:13 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash ec47f9eed203ae063b9c210009de54a9
19ff156471b9cffbc2432c5b65543bdd18e36271
3974208ce1840f6c9467287b7e220379ed881d76db64939f411dbc500c103d48
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3974208CE1840F6C9467287B7E220379ED881D76DB64939F411DBC500C103D48"
Last-Modified: Thu, 02 Feb 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4835
Expires: Fri, 03 Feb 2023 06:09:48 GMT
Date: Fri, 03 Feb 2023 04:49:13 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 30db107dcf4380cef05efea409c2e6a3
96e6a306fbc07299aba64e5c14e2bfca35872fa9
b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Retry-After, Content-Length, Alert, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Fri, 03 Feb 2023 04:43:34 GMT
content-type: application/json
age: 339
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 7d2222d41721947297aaeb5a6e3d0714
04cc1ee417c8bf6338657fd4c2e4e1c1ddfd3065
de0e45969a2ad95e52f7e2fbd0d021d9075dd7b14666c929346efe111f648f7c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DE0E45969A2AD95E52F7E2FBD0D021D9075DD7B14666C929346EFE111F648F7C"
Last-Modified: Thu, 02 Feb 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7882
Expires: Fri, 03 Feb 2023 07:00:35 GMT
Date: Fri, 03 Feb 2023 04:49:13 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP
File type PEM certificate\012- , ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: z7wr7VXTFTvYz9lJvrMLk1fcERJBXBmh6LLbwsZExwaCZUCOXhpXxQLKP3NH+RzST2RMMKRBpXA=
x-amz-request-id: SK73PTNMR2GFGSH7
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Fri, 03 Feb 2023 03:52:15 GMT
age: 3418
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 03 Feb 2023 04:49:14 GMT
content-type: application/json
content-length: 12
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
e1.o.lencr.org/
200 OK 345 B IP
ASN #20940 Akamai International B.V.
Hash c8a3ebe92817d1a3383956f86d9819e9
96a03656757296fb20dda942a881ba2f3b90e725
d656fc9dd1ce8f05fa19fade899bec61280aedac11e36a00ed063cea6b5acab0
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "D656FC9DD1CE8F05FA19FADE899BEC61280AEDAC11E36A00ED063CEA6B5ACAB0"
Last-Modified: Thu, 02 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21567
Expires: Fri, 03 Feb 2023 10:48:41 GMT
Date: Fri, 03 Feb 2023 04:49:14 GMT
Connection: keep-alive
e1.o.lencr.org/
200 OK 345 B IP
ASN #20940 Akamai International B.V.
Hash c8a3ebe92817d1a3383956f86d9819e9
96a03656757296fb20dda942a881ba2f3b90e725
d656fc9dd1ce8f05fa19fade899bec61280aedac11e36a00ed063cea6b5acab0
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "D656FC9DD1CE8F05FA19FADE899BEC61280AEDAC11E36A00ED063CEA6B5ACAB0"
Last-Modified: Thu, 02 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21567
Expires: Fri, 03 Feb 2023 10:48:41 GMT
Date: Fri, 03 Feb 2023 04:49:14 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 9c45ea25709afbea416f215ee34611b0
117c52c0ee3ff15a2485c0b1e39cc12c7c2021ed
7fbc3c806c7fc6d70d70b55723dbbfc00698b14fcad55014218bc5e03e92a118
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 04:49:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 9c45ea25709afbea416f215ee34611b0
117c52c0ee3ff15a2485c0b1e39cc12c7c2021ed
7fbc3c806c7fc6d70d70b55723dbbfc00698b14fcad55014218bc5e03e92a118
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 04:49:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googletagmanager.com/gtag/js?id=UA-230100376-1
200 OK 44 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=UA-230100376-1
IP
File type ASCII text, with very long lines (1759)
Hash 82869f98ff189c4d23d0cdc6deeae16d
ec64250ff7d4c2ba68212d138f1e198716169293
e80d270e9acd8e3af9894d8fc4ffb2acc868b6f85f026c5a2aff9c601752ee67
GET /gtag/js?id=UA-230100376-1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://simpsonitos.blog/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Fri, 03 Feb 2023 04:49:14 GMT
expires: Fri, 03 Feb 2023 04:49:14 GMT
cache-control: private, max-age=900
last-modified: Fri, 03 Feb 2023 03:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 43935
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.googletagmanager.com/gtag/js?id=G-PXQVJ5VZY6
200 OK 79 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=G-PXQVJ5VZY6
IP
File type ASCII text, with very long lines (21849)
Hash 0543d20dacb2d9e3b4b5db012a0db83d
76cb5f31472a88fd002e6606d644efa65f4e8736
dc75db3bb37e60f9876b43fcabe3aad0127df672b6906acaa5059ddc5c2e575d
GET /gtag/js?id=G-PXQVJ5VZY6 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://simpsonitos.blog/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Fri, 03 Feb 2023 04:49:14 GMT
expires: Fri, 03 Feb 2023 04:49:14 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 78569
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 9c45ea25709afbea416f215ee34611b0
117c52c0ee3ff15a2485c0b1e39cc12c7c2021ed
7fbc3c806c7fc6d70d70b55723dbbfc00698b14fcad55014218bc5e03e92a118
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 04:49:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 8913af0be619500295008bb91f506660
a7b8068ba9aa506205a295b24458c2616997a0d1
6a9838d00256431807ca382fc205064b07c08d5054f2895c2ae3cc4e9094179a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6A9838D00256431807CA382FC205064B07C08D5054F2895C2AE3CC4E9094179A"
Last-Modified: Wed, 01 Feb 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5488
Expires: Fri, 03 Feb 2023 06:20:42 GMT
Date: Fri, 03 Feb 2023 04:49:14 GMT
Connection: keep-alive
image.tmdb.org/t/p/w92/jxePOVHH7BF2AdvsYo0jPE26iR7.jpg
200 OK 2.8 kB URL HTTP/2 image.tmdb.org/t/p/w92/jxePOVHH7BF2AdvsYo0jPE26iR7.jpg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 92x69, components 3\012- data
Hash 34fe295979fb8134db0fab4860f255cd
49c91fdef1ea98d1fe5afb2889852d3a3b45a939
82e5ac1f5ea45f06171846a7a5077c766abc74857e6a0b878fa16a3d29448f6d
GET /t/p/w92/jxePOVHH7BF2AdvsYo0jPE26iR7.jpg HTTP/1.1
Host: image.tmdb.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://simpsonitos.blog/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
content-length: 2773
date: Wed, 01 Feb 2023 23:47:33 GMT
server: openresty
cache-control: public, max-age=31536000
etag: "0f950628fb0f56f630dc24768993983b"
last-modified: Sat, 20 Feb 2021 13:20:22 GMT
imagery: degrade=85, sample=2x2, difference=1.456
cache-tag: jxePOVHH7BF2AdvsYo0jPE26iR7
x-cache: Hit from cloudfront
via: 1.1 21da0a66bafe2c8de8be4a4d8039346a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: mtgxif37wH8E1h1gmgiq0dhBiPzAOSVEfXV85KthRjYuKX5eeao2aA==
age: 104501
vary: Origin
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Expires, Content-Type, ETag, Last-Modified, Alert, Retry-After, Content-Length, Cache-Control, Pragma, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Fri, 03 Feb 2023 04:07:19 GMT
age: 2515
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
image.tmdb.org/t/p/w92/rovP0pjQzp6aE1tB0fzgJDggYyn.jpg
200 OK 2.5 kB URL HTTP/2 image.tmdb.org/t/p/w92/rovP0pjQzp6aE1tB0fzgJDggYyn.jpg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 92x69, components 3\012- data
Hash 5bdff78c33dee065cbe638d6888d6469
cdbb4c044937724f0b2152129d83dc18874e7b74
9a65362af9d6c35ae02081c6134736f488902e98330a6cfb2eace63ff6987d7c
GET /t/p/w92/rovP0pjQzp6aE1tB0fzgJDggYyn.jpg HTTP/1.1
Host: image.tmdb.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://simpsonitos.blog/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/jpeg
content-length: 2452
date: Fri, 03 Feb 2023 04:49:14 GMT
server: openresty
cache-control: public, max-age=31536000
etag: "08dafb55e8baf6f51d3d8770ef6ca179"
last-modified: Sat, 20 Feb 2021 13:09:58 GMT
imagery: degrade=85, sample=2x2, difference=1.367
cache-tag: rovP0pjQzp6aE1tB0fzgJDggYyn
x-cache: Miss from cloudfront
via: 1.1 21da0a66bafe2c8de8be4a4d8039346a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: KcVBOMXA3qV1p6deg55SRofDz5_CiA4-_awa4B4BiXlX2CBjALb_7A==
vary: Origin
X-Firefox-Spdy: h2
image.tmdb.org/t/p/w92/t5tCwaAHkmqP8p539uke3s8DjjU.jpg
200 OK 2.1 kB URL HTTP/2 image.tmdb.org/t/p/w92/t5tCwaAHkmqP8p539uke3s8DjjU.jpg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 92x69, components 3\012- data
Hash 3bb9d493c4c18048d5d95a408dde4a6f
a1ee3be8789103bb372b04456cc56ab4fae5301e
216c6a28ac28b66167a4bfa9031516daaa8fa4e0d365efbf5a67021f30e979b5
GET /t/p/w92/t5tCwaAHkmqP8p539uke3s8DjjU.jpg HTTP/1.1
Host: image.tmdb.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://simpsonitos.blog/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
content-length: 2122
date: Fri, 03 Feb 2023 04:49:14 GMT
server: openresty
cache-control: public, max-age=31536000
etag: "0525881d243ca8c2b32a110821d9a4bb"
last-modified: Mon, 24 Oct 2011 21:35:16 GMT
imagery: degrade=85, sample=2x2, difference=1.518
cache-tag: t5tCwaAHkmqP8p539uke3s8DjjU
x-cache: Miss from cloudfront
via: 1.1 21da0a66bafe2c8de8be4a4d8039346a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: NEzTb2JSzFmtNNjH8PBy4slZK3txTWCm6gmQ_Mi6hTgAG3xZxc-eBQ==
vary: Origin
X-Firefox-Spdy: h2
image.tmdb.org/t/p/w92/yhTmGoZCjWg32E3PMo6mhfdFuvd.jpg
200 OK 2.7 kB URL HTTP/2 image.tmdb.org/t/p/w92/yhTmGoZCjWg32E3PMo6mhfdFuvd.jpg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 92x69, components 3\012- data
Hash b05d9da9f43b3772fb6bacf0eea78261
06a05960dc17f8f3f51224f116178f20c39e1e02
97d5d50323253fc5cab76904424212a92efafd73dc64b2627bae31e84bd1a3de
GET /t/p/w92/yhTmGoZCjWg32E3PMo6mhfdFuvd.jpg HTTP/1.1
Host: image.tmdb.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://simpsonitos.blog/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
content-length: 2725
date: Fri, 03 Feb 2023 04:49:14 GMT
server: openresty
cache-control: public, max-age=31536000
etag: "c0ba170a31846a7485c4f1264f30a632"
last-modified: Sat, 20 Feb 2021 13:44:26 GMT
imagery: degrade=85, sample=2x2, difference=1.166
cache-tag: yhTmGoZCjWg32E3PMo6mhfdFuvd
x-cache: Miss from cloudfront
via: 1.1 21da0a66bafe2c8de8be4a4d8039346a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: QSzarY02F1TSZm6iBz8fnCjQLB9k94ln-YN7BOCB2cG1mAHAwhwOPg==
vary: Origin
X-Firefox-Spdy: h2
image.tmdb.org/t/p/w92/yFfLjt6tG4SBNRrxrqMI1IEqv6R.jpg
200 OK 3.1 kB URL HTTP/2 image.tmdb.org/t/p/w92/yFfLjt6tG4SBNRrxrqMI1IEqv6R.jpg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 92x69, components 3\012- data
Hash effef581336484851c8e43003b9d9ffe
f326bb3e0c1c771a7c6327f53800cf308575018e
b3ff363d1db99043aa9db85a29be895cf6160d4dada57ad420ae056306f85db2
GET /t/p/w92/yFfLjt6tG4SBNRrxrqMI1IEqv6R.jpg HTTP/1.1
Host: image.tmdb.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://simpsonitos.blog/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
content-length: 3139
date: Fri, 03 Feb 2023 04:49:14 GMT
server: openresty
cache-control: public, max-age=31536000
etag: "4301b34877bedad659acce2ab27758f1"
last-modified: Sat, 20 Feb 2021 13:34:31 GMT
imagery: degrade=85, sample=2x2, difference=1.157
cache-tag: yFfLjt6tG4SBNRrxrqMI1IEqv6R
x-cache: Miss from cloudfront
via: 1.1 21da0a66bafe2c8de8be4a4d8039346a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: etI7HDjWHsWzGjQXpE3QfsHdkAF5HRVJv-tYiXvfSNvbwJorkesevw==
vary: Origin
X-Firefox-Spdy: h2
image.tmdb.org/t/p/w92/vIcrn5nJyOC7eZgMRGTkz5LPc3u.jpg
200 OK 4.1 kB URL HTTP/2 image.tmdb.org/t/p/w92/vIcrn5nJyOC7eZgMRGTkz5LPc3u.jpg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 92x69, components 3\012- data
Hash 4a0fc1ddf504bfadffa471dcb355b7b8
6333847f2ed9f6c3b9f4161069603c6f91b47191
496fc4556a14ac195715acd1eb574ca5ca5b7406a7b8dde15246f2a891e84a5f
GET /t/p/w92/vIcrn5nJyOC7eZgMRGTkz5LPc3u.jpg HTTP/1.1
Host: image.tmdb.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://simpsonitos.blog/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
content-length: 4117
date: Fri, 03 Feb 2023 04:49:14 GMT
server: openresty
cache-control: public, max-age=31536000
etag: "8c4cc7b5460f8313160aa1f733150ee9"
last-modified: Sat, 20 Feb 2021 13:53:11 GMT
imagery: degrade=81, sample=1x1, difference=1.564
cache-tag: vIcrn5nJyOC7eZgMRGTkz5LPc3u
x-cache: Miss from cloudfront
via: 1.1 21da0a66bafe2c8de8be4a4d8039346a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: I-5TKbUXCMluZId4c3W4DVFCuUlmt8DD4RNXRfzy8WqC1DdyKMKhhA==
vary: Origin
X-Firefox-Spdy: h2
image.tmdb.org/t/p/w92/4xEXNwTQE9Pz7rgFzgjxDJzqvpz.jpg
200 OK 2.8 kB URL HTTP/2 image.tmdb.org/t/p/w92/4xEXNwTQE9Pz7rgFzgjxDJzqvpz.jpg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 92x69, components 3\012- data
Hash 41af913f4a142eb3d538442791045d6c
819dae9592c5df230764fe6b7248aa0cff7af402
5b10c1c8bb7409e9647a7f2acc413355bb4f9cf234deb03d5a8b74db22827e61
GET /t/p/w92/4xEXNwTQE9Pz7rgFzgjxDJzqvpz.jpg HTTP/1.1
Host: image.tmdb.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://simpsonitos.blog/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
content-length: 2827
date: Fri, 03 Feb 2023 04:49:14 GMT
server: openresty
cache-control: public, max-age=31536000
etag: "6f776ca4b06480ac4b18084385556598"
last-modified: Sat, 20 Feb 2021 14:11:49 GMT
imagery: degrade=85, sample=2x2, difference=1.366
cache-tag: 4xEXNwTQE9Pz7rgFzgjxDJzqvpz
x-cache: Miss from cloudfront
via: 1.1 21da0a66bafe2c8de8be4a4d8039346a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: MhYf7MaaweyfHbBLtYBKtPAZz5RULLtvnQm0Aml-aB1A_TBWP_Z26w==
vary: Origin
X-Firefox-Spdy: h2
image.tmdb.org/t/p/w92/nzupXVgtStZE0bSA2rSSJWSOibl.jpg
200 OK 2.7 kB URL HTTP/2 image.tmdb.org/t/p/w92/nzupXVgtStZE0bSA2rSSJWSOibl.jpg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 92x69, components 3\012- data
Hash 13dc57de67e32c52de0885d492f59bdd
856ea77c16826cff3610687a0e4746eb18494267
7c2af6ad1a2fb891eab3e06ff8b0270babb1e56fb3b3f3e7c5fb322fcb08aca5
GET /t/p/w92/nzupXVgtStZE0bSA2rSSJWSOibl.jpg HTTP/1.1
Host: image.tmdb.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://simpsonitos.blog/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
content-length: 2741
date: Fri, 03 Feb 2023 04:49:14 GMT
server: openresty
cache-control: public, max-age=31536000
etag: "30891680b0e2407b5005478327acb498"
last-modified: Sat, 20 Feb 2021 13:14:48 GMT
imagery: degrade=85, sample=2x2, difference=1.261
cache-tag: nzupXVgtStZE0bSA2rSSJWSOibl
x-cache: Miss from cloudfront
via: 1.1 21da0a66bafe2c8de8be4a4d8039346a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: Q4bnRGGKDv6Noh6e2SYu8NlY90tRabcR2cqmv-b-tXeODR1GYKQEIw==
vary: Origin
X-Firefox-Spdy: h2
image.tmdb.org/t/p/w92/sLUOfTJPeoMWDmPpOVEcmH3P8G6.jpg
200 OK 2.5 kB URL HTTP/2 image.tmdb.org/t/p/w92/sLUOfTJPeoMWDmPpOVEcmH3P8G6.jpg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 92x69, components 3\012- data
Hash 6a0589fae0bd23542b2e1154a9a77a03
7f8f6073ba010e68486af38ac5e343a27b500c26
73658b819241943e06ee10d70c49067aceba15787f74a2012b2196d2e47a6dbf
GET /t/p/w92/sLUOfTJPeoMWDmPpOVEcmH3P8G6.jpg HTTP/1.1
Host: image.tmdb.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://simpsonitos.blog/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
content-length: 2490
date: Fri, 03 Feb 2023 04:49:14 GMT
server: openresty
cache-control: public, max-age=31536000
etag: "269a9cd8b9a1fed509499b15c58d468b"
last-modified: Sat, 20 Feb 2021 14:03:47 GMT
imagery: degrade=85, sample=2x2, difference=1.177
cache-tag: sLUOfTJPeoMWDmPpOVEcmH3P8G6
x-cache: Miss from cloudfront
via: 1.1 21da0a66bafe2c8de8be4a4d8039346a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: 3x6lSoek7fsaCdh2pSlHltwZdAb9yTEcjYI0HOk5Mg32_sI3mGYjAw==
vary: Origin
X-Firefox-Spdy: h2
image.tmdb.org/t/p/w92/ojdGslE9h6TGNpl0RfGszsE2zxO.jpg
200 OK 2.9 kB URL HTTP/2 image.tmdb.org/t/p/w92/ojdGslE9h6TGNpl0RfGszsE2zxO.jpg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 92x69, components 3\012- data
Hash f99a8d03f9b19cf27a6d5a44ff7bcead
c780f717d13432056181b6ff470435cd84cd9889
20e99189dd8fe26be0cef895d04e669964af39c9739bc6a66e39004e9c7620b0
GET /t/p/w92/ojdGslE9h6TGNpl0RfGszsE2zxO.jpg HTTP/1.1
Host: image.tmdb.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://simpsonitos.blog/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
content-length: 2860
date: Fri, 03 Feb 2023 04:49:14 GMT
server: openresty
cache-control: public, max-age=31536000
etag: "45b18432cfe77acf42bda6c91dacfe76"
last-modified: Sat, 20 Feb 2021 13:59:01 GMT
imagery: degrade=85, sample=2x2, difference=1.379
cache-tag: ojdGslE9h6TGNpl0RfGszsE2zxO
x-cache: Miss from cloudfront
via: 1.1 21da0a66bafe2c8de8be4a4d8039346a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: W53gLvQv_qhcy2tM4eW0zkrIhdhZnTHat6Gq0zbm4aARwu_jY-u3Iw==
vary: Origin
X-Firefox-Spdy: h2
image.tmdb.org/t/p/w92/f9vlFI2TfisHZJmjq1MedL5jzon.jpg
200 OK 2.6 kB URL HTTP/2 image.tmdb.org/t/p/w92/f9vlFI2TfisHZJmjq1MedL5jzon.jpg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 92x69, components 3\012- data
Hash 8758b2735f974a3e7a4612c239d2093f
10da7ef26cb1b21429555762e29092cdc4db9a0c
328c1762adc5af6acb547145b66d75d3b644f85ac8072f0e9978b2ba5189caa2
GET /t/p/w92/f9vlFI2TfisHZJmjq1MedL5jzon.jpg HTTP/1.1
Host: image.tmdb.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://simpsonitos.blog/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
content-length: 2582
date: Fri, 03 Feb 2023 04:49:14 GMT
server: openresty
cache-control: public, max-age=31536000
etag: "986c99cdb1d42845881fa6e941e94a86"
last-modified: Sat, 20 Feb 2021 14:15:17 GMT
imagery: degrade=85, sample=2x2, difference=1.412
cache-tag: f9vlFI2TfisHZJmjq1MedL5jzon
x-cache: Miss from cloudfront
via: 1.1 21da0a66bafe2c8de8be4a4d8039346a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: xffXZzYw-JljECnBdhK4EmQNKPziFC5uXmLE7ZVHJ5bIYnOJdZmVVw==
vary: Origin
X-Firefox-Spdy: h2
image.tmdb.org/t/p/w92/zIgdlXG6vRbgEpEDoFqtdrqH5t9.jpg
200 OK 2.0 kB URL HTTP/2 image.tmdb.org/t/p/w92/zIgdlXG6vRbgEpEDoFqtdrqH5t9.jpg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 92x69, components 3\012- data
Hash d8210b517aa0507273b64e9e49119bfe
be50174df083db5c5f9af3cba16c895f89d7e005
69b0a2647ef2df90dfcb849da2af069c885283c9142306c6de080d061a8d630e
GET /t/p/w92/zIgdlXG6vRbgEpEDoFqtdrqH5t9.jpg HTTP/1.1
Host: image.tmdb.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://simpsonitos.blog/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
content-length: 1962
date: Fri, 03 Feb 2023 04:49:14 GMT
server: openresty
cache-control: public, max-age=31536000
etag: "2c8c6e48077dfe5f7a2f8cf79998a443"
last-modified: Sat, 20 Feb 2021 14:08:19 GMT
imagery: degrade=85, sample=2x2, difference=1.18
cache-tag: zIgdlXG6vRbgEpEDoFqtdrqH5t9
x-cache: Miss from cloudfront
via: 1.1 21da0a66bafe2c8de8be4a4d8039346a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: QKxsjCwtWX_FIF-rH1T1P1295tXj0fwiWaDnXxqwt5mLzMPcUB3bZg==
vary: Origin
X-Firefox-Spdy: h2
image.tmdb.org/t/p/w92/xcP37mEEWiTZcrXe4YJjSXnTfB5.jpg
200 OK 2.5 kB URL HTTP/2 image.tmdb.org/t/p/w92/xcP37mEEWiTZcrXe4YJjSXnTfB5.jpg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 92x69, components 3\012- data
Hash 657632e3d5ec63dc0451a944e11a0179
867dd10655b413e9ad7c6ead9a6940d413ec6a7d
0f215f6923c11ad6baa9e14e9220c76f1526df66b422b3a2fe908a58055e38f5
GET /t/p/w92/xcP37mEEWiTZcrXe4YJjSXnTfB5.jpg HTTP/1.1
Host: image.tmdb.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://simpsonitos.blog/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
content-length: 2471
date: Fri, 03 Feb 2023 04:49:14 GMT
server: openresty
cache-control: public, max-age=31536000
etag: "1c41666047091aef5ac30702acdb3d77"
last-modified: Sat, 20 Feb 2021 14:21:08 GMT
imagery: degrade=85, sample=2x2, difference=1.191
cache-tag: xcP37mEEWiTZcrXe4YJjSXnTfB5
x-cache: Miss from cloudfront
via: 1.1 21da0a66bafe2c8de8be4a4d8039346a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: M07DgSUmCKrdnk-n8mCI7yZKYinTVs8GKfduJVul-F4F3N6b9huFtQ==
vary: Origin
X-Firefox-Spdy: h2
image.tmdb.org/t/p/w92/63R1SU9J1t5OI4knMHeqAixIh9d.jpg
200 OK 2.9 kB URL HTTP/2 image.tmdb.org/t/p/w92/63R1SU9J1t5OI4knMHeqAixIh9d.jpg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 92x69, components 3\012- data
Hash fefac08e16df928b410ddf19cc8a2328
ed85f185366fc9bb33bd535d81ec202490c923a9
2eb9f13c9358bb67c6e332050c40c2de5272e43ef4655e2b48c7d58d8942f0d6
GET /t/p/w92/63R1SU9J1t5OI4knMHeqAixIh9d.jpg HTTP/1.1
Host: image.tmdb.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://simpsonitos.blog/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
content-length: 2900
date: Fri, 03 Feb 2023 04:49:14 GMT
server: openresty
cache-control: public, max-age=31536000
etag: "44c8b1a4d77f59a60f1de982db52e6e3"
last-modified: Sat, 20 Feb 2021 14:27:53 GMT
imagery: degrade=85, sample=2x2, difference=1.18
cache-tag: 63R1SU9J1t5OI4knMHeqAixIh9d
x-cache: Miss from cloudfront
via: 1.1 21da0a66bafe2c8de8be4a4d8039346a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: Wzr25bIAsKaqK5v_gWWjzjlSazHVOqO3SKCItW1R-5C_A-PoZW2NNQ==
vary: Origin
X-Firefox-Spdy: h2
image.tmdb.org/t/p/w92/zVdJRzcnSjbsc9YQ2ZuZ0Kmhi13.jpg
200 OK 2.3 kB URL HTTP/2 image.tmdb.org/t/p/w92/zVdJRzcnSjbsc9YQ2ZuZ0Kmhi13.jpg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 92x69, components 3\012- data
Hash 33486bf581c77be5ec5111242babee03
7036bc75325a5e59d74caf5210090ca3e13fb739
9f6e024ee4a4d355d4de04e6d3b45ebc7f7f83697bb7e8779c2f25f71ffd72bc
GET /t/p/w92/zVdJRzcnSjbsc9YQ2ZuZ0Kmhi13.jpg HTTP/1.1
Host: image.tmdb.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://simpsonitos.blog/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/jpeg
content-length: 2335
date: Fri, 03 Feb 2023 04:49:14 GMT
server: openresty
cache-control: public, max-age=31536000
etag: "eb1c47f9e91390a93464ca758f27cadf"
last-modified: Sat, 20 Feb 2021 12:56:44 GMT
imagery: degrade=85, sample=2x2, difference=1.208
cache-tag: zVdJRzcnSjbsc9YQ2ZuZ0Kmhi13
x-cache: Miss from cloudfront
via: 1.1 21da0a66bafe2c8de8be4a4d8039346a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: Fj6qYj028Mk_3GcbaOcLiSCpuKbzMGPnICg6rAL_tzLlHCMXO96ZvA==
vary: Origin
X-Firefox-Spdy: h2
image.tmdb.org/t/p/w92/8bjLjlqA1Y1c4Adnry52ZMulSsR.jpg
200 OK 3.1 kB URL HTTP/2 image.tmdb.org/t/p/w92/8bjLjlqA1Y1c4Adnry52ZMulSsR.jpg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 92x69, components 3\012- data
Hash 667dfd077bac54a9d6a9f69b132e9a43
0bb80ddb69f0f3f5ffe48a32ecb97e2cdbabc392
541efa13223292fc2387c851847c8e597d27712abb3de96088c39fda87e4b085
GET /t/p/w92/8bjLjlqA1Y1c4Adnry52ZMulSsR.jpg HTTP/1.1
Host: image.tmdb.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://simpsonitos.blog/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
content-length: 3134
date: Fri, 03 Feb 2023 04:49:14 GMT
server: openresty
cache-control: public, max-age=31536000
etag: "66e6200139a475f87279d9274a51c53b"
last-modified: Sat, 20 Feb 2021 14:32:30 GMT
imagery: degrade=85, sample=2x2, difference=1.271
cache-tag: 8bjLjlqA1Y1c4Adnry52ZMulSsR
x-cache: Miss from cloudfront
via: 1.1 21da0a66bafe2c8de8be4a4d8039346a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: Tu_gNCAEzeA0nFw528C4RyL1bRhgf976x4B8ZY5eSDXDZd4uz59lYA==
vary: Origin
X-Firefox-Spdy: h2
image.tmdb.org/t/p/w92/aa01M4Uy0Jdx6tWHEH2Rf6kbqPX.jpg
200 OK 2.9 kB URL HTTP/2 image.tmdb.org/t/p/w92/aa01M4Uy0Jdx6tWHEH2Rf6kbqPX.jpg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 92x69, components 3\012- data
Hash 81ba1206a8eacca8f7b55fb04252d8c5
100fb4751d197b52ecd4d53ba8bc0fc392f029e0
92e5b3c24cc6d29bacc1a94c0b0e3fb8428df7aa28c72fb740ed1236f4844433
GET /t/p/w92/aa01M4Uy0Jdx6tWHEH2Rf6kbqPX.jpg HTTP/1.1
Host: image.tmdb.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://simpsonitos.blog/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/jpeg
content-length: 2892
date: Fri, 03 Feb 2023 04:49:14 GMT
server: openresty
cache-control: public, max-age=31536000
etag: "bff22c42d6f94468c0862f22e164a862"
last-modified: Sat, 20 Feb 2021 13:04:54 GMT
imagery: degrade=85, sample=2x2, difference=1.279
cache-tag: aa01M4Uy0Jdx6tWHEH2Rf6kbqPX
x-cache: Miss from cloudfront
via: 1.1 21da0a66bafe2c8de8be4a4d8039346a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: a8dsiFIPWpkV9m6dCutnTYa5wt5hZI2emUtsWDRdOkjDSYZE8qBvCA==
vary: Origin
X-Firefox-Spdy: h2
image.tmdb.org/t/p/w92/KnhNaTZ4AI0mfO3h6A8AazCVAP.jpg
200 OK 2.4 kB URL HTTP/2 image.tmdb.org/t/p/w92/KnhNaTZ4AI0mfO3h6A8AazCVAP.jpg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 92x69, components 3\012- data
Hash 782758abcd5a14a0fb06267fa42847f3
05c56d641296c65df831e692aeb189d3f75e285f
05e5a825864deee1929120244ca7c9cc8daa833fe33af9f35c6a3c1ad637fc90
GET /t/p/w92/KnhNaTZ4AI0mfO3h6A8AazCVAP.jpg HTTP/1.1
Host: image.tmdb.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://simpsonitos.blog/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
content-length: 2382
date: Fri, 03 Feb 2023 04:49:14 GMT
server: openresty
cache-control: public, max-age=31536000
etag: "c6a59ed47c9ba0da4a4aaa08cf56dc9f"
last-modified: Sat, 20 Feb 2021 14:36:16 GMT
imagery: degrade=85, sample=2x2, difference=1.211
cache-tag: KnhNaTZ4AI0mfO3h6A8AazCVAP
x-cache: Miss from cloudfront
via: 1.1 21da0a66bafe2c8de8be4a4d8039346a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: DSIY_r2vYY8JHuB8HQLyEN4zarw6FC2zZoOdNY2PTd-YR38QQF779g==
vary: Origin
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP
Hash cb61b95cdb923679efd23dd37e1d76e5
0a50c30c7436219592936fba0d1bf643c759aa97
38d7960e35a131985a0e176db4c813e0cddd8b75480dbac8451dee444eae0a45
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=132661
Date: Fri, 03 Feb 2023 04:49:14 GMT
Etag: "63dbec66-1d7"
Expires: Sat, 04 Feb 2023 17:40:15 GMT
Last-Modified: Thu, 02 Feb 2023 17:01:26 GMT
Server: ECS (nyb/1D1C)
X-Cache: Miss from cloudfront
Via: 1.1 9d4a908d41124cba1276d6cef8f00c60.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: UCeXpagdbUSf8ErrE7hHr_PgI_9PpLhg5Cb-V6DblDGj0EwxEaw7sw==
Age: 2329
image.tmdb.org/t/p/w92/gXwqJ6UzSP7Rf0hjyWHgEuxCMiq.jpg
200 OK 2.4 kB URL HTTP/2 image.tmdb.org/t/p/w92/gXwqJ6UzSP7Rf0hjyWHgEuxCMiq.jpg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 92x69, components 3\012- data
Hash 937afb99bd91e6e169cb944122e14e5c
ee7ea322f64e56d0b849631739b84cc308f6c5e3
c6015a6fdd658cc3bd220650917d29092748451d17f4b5de3714d243a29fce83
GET /t/p/w92/gXwqJ6UzSP7Rf0hjyWHgEuxCMiq.jpg HTTP/1.1
Host: image.tmdb.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://simpsonitos.blog/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
content-length: 2445
date: Fri, 03 Feb 2023 04:49:14 GMT
server: openresty
cache-control: public, max-age=31536000
etag: "451187700cbe0f0c45fec4da0d6d61be"
last-modified: Sat, 20 Feb 2021 13:48:37 GMT
imagery: degrade=85, sample=2x2, difference=1.269
cache-tag: gXwqJ6UzSP7Rf0hjyWHgEuxCMiq
x-cache: Miss from cloudfront
via: 1.1 21da0a66bafe2c8de8be4a4d8039346a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: 6qP1QkNp9-GqU2IBRLXNwfbUONNTUDQ8Xkhn5G1cyL2kj82P-fQVdg==
vary: Origin
X-Firefox-Spdy: h2
image.tmdb.org/t/p/w92/tFeHnYp4GM5WvTIuthngWqcU645.jpg
200 OK 2.9 kB URL HTTP/2 image.tmdb.org/t/p/w92/tFeHnYp4GM5WvTIuthngWqcU645.jpg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 92x69, components 3\012- data
Hash c51b0c73cea06aad64de250f1c050db0
c4e18baaec5e98ef1dea0a26bf254ca4099f8e35
5446290943a0f14e3d57e94a98a0d80f6c8d659404c50113aaca7dfa616f2641
GET /t/p/w92/tFeHnYp4GM5WvTIuthngWqcU645.jpg HTTP/1.1
Host: image.tmdb.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://simpsonitos.blog/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
content-length: 2873
date: Fri, 03 Feb 2023 04:49:14 GMT
server: openresty
cache-control: public, max-age=31536000
etag: "84b278b2cbbaa2824e5e700e4fe4e70d"
last-modified: Sat, 20 Feb 2021 13:40:44 GMT
imagery: degrade=85, sample=2x2, difference=1.021
cache-tag: tFeHnYp4GM5WvTIuthngWqcU645
x-cache: Miss from cloudfront
via: 1.1 21da0a66bafe2c8de8be4a4d8039346a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: T2sn5FHyku3PqORyMmdBLLAhtB7ltRIrcYez1uute2lij325JXiF2w==
vary: Origin
X-Firefox-Spdy: h2
image.tmdb.org/t/p/w92/sn19IJTWcyciB7l1GGObY1rtVgE.jpg
200 OK 4.7 kB URL HTTP/2 image.tmdb.org/t/p/w92/sn19IJTWcyciB7l1GGObY1rtVgE.jpg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 92x69, components 3\012- data
Hash 9ecea6c79b2868985c483002203d5e4e
0f66d75157771e5972855db6e23d1e5acc2ff722
68d65b6ea31c7723f24145969ea6a2141fc9d81b0d053ac40f48327ee837f4f4
GET /t/p/w92/sn19IJTWcyciB7l1GGObY1rtVgE.jpg HTTP/1.1
Host: image.tmdb.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://simpsonitos.blog/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/jpeg
content-length: 4749
date: Fri, 03 Feb 2023 04:49:14 GMT
server: openresty
cache-control: public, max-age=31536000
etag: "20614698ed7299ea6c2fa499ee80d177"
last-modified: Sat, 20 Feb 2021 12:51:33 GMT
imagery: degrade=85, sample=1x1, difference=1.724
cache-tag: sn19IJTWcyciB7l1GGObY1rtVgE
x-cache: Miss from cloudfront
via: 1.1 21da0a66bafe2c8de8be4a4d8039346a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: E6ziJ_QyMbWD_LEIuqG51IHuazeXCZ_RaFT0-n-w7EiMvVaAv1IWTA==
vary: Origin
X-Firefox-Spdy: h2
image.tmdb.org/t/p/w92/rYM9kwXGO8IlgAHYXLxhqWVfWGa.jpg
200 OK 3.0 kB URL HTTP/2 image.tmdb.org/t/p/w92/rYM9kwXGO8IlgAHYXLxhqWVfWGa.jpg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 92x69, components 3\012- data
Hash f64b29fb127d530dd777079f9ac2f71a
1b5b9c193dffa36444921605ccbcc9ac3370252f
db687b95b604290450f60de56d09461fc816e769a0b280fda345905cfe46b1e1
GET /t/p/w92/rYM9kwXGO8IlgAHYXLxhqWVfWGa.jpg HTTP/1.1
Host: image.tmdb.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://simpsonitos.blog/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/jpeg
content-length: 3008
date: Fri, 03 Feb 2023 04:49:14 GMT
server: openresty
cache-control: public, max-age=31536000
etag: "e684effb809442818bcfc5035a9a0dbe"
last-modified: Sat, 20 Feb 2021 12:47:38 GMT
imagery: degrade=85, sample=2x2, difference=1.547
cache-tag: rYM9kwXGO8IlgAHYXLxhqWVfWGa
x-cache: Miss from cloudfront
via: 1.1 21da0a66bafe2c8de8be4a4d8039346a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: FbJC51Csaxrj7LKVWHFCnRPxVGsGbPE200_e5sq5J_TxOZ5JN3NLeA==
vary: Origin
X-Firefox-Spdy: h2
push.services.mozilla.com/
101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: uFUNP37pRmvFzsu0RnK7dQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: R67cpFDTPkO7tqTkp+yBZZVUwwg=
ads.themoneytizer.com/moneybid7_28/build_noconsent/dist/prebid.js
200 OK 184 kB URL HTTP/2 ads.themoneytizer.com/moneybid7_28/build_noconsent/dist/prebid.js
IP
ASN #60068 Datacamp Limited
Size 184 kB (184451 bytes)
Hash b35e5bcfe9d3b494d9263782996dbf9c
eff85580e18fbe06d1abad44585f3bd69d459d00
f2a269895ccf503522456db749bbafda2d59594c4c4afc704dc428d97619abbd
GET /moneybid7_28/build_noconsent/dist/prebid.js HTTP/1.1
Host: ads.themoneytizer.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://simpsonitos.blog/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 03 Feb 2023 04:49:14 GMT
content-type: application/javascript
last-modified: Thu, 26 Jan 2023 21:13:59 GMT
expires: Fri, 03 Feb 2023 05:03:58 GMT
cache-control: max-age=86400, public, no-transform
pragma: public
x-accel-expires: @1675400638
server: CDN77-Turbo
x-77-nzt: AblMCRQKGbX/DE4BAA
x-77-nzt-ray: af585630e5a8bf3a4a92dc63ea14b434
x-cache: HIT
x-age: 85516
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 36 kB IP
Hash 15cdde3133342acbc8d3cb01742e7dc0
a767853ec627071d477fd4e5b6ab39654f7b6548
5dbc55800f2f49c91dd8e500e8cdd97dbedfb97c57178d1ca13cff56986b160e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5466
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 04:49:14 GMT
Last-Modified: Fri, 03 Feb 2023 03:18:08 GMT
Server: ECS (ska/F706)
X-Cache: HIT
Content-Length: 312
r3.o.lencr.org/
200 OK 4.8 kB IP
ASN #20940 Akamai International B.V.
Hash 47994375a1ab9aa1326189e6b3596c1f
7f5756b136e80d0386f6bc762fd6e6dcd134059c
c538619721bcc5d7bc880d2f062f639811711447da1a648fcf7abfe706487012
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DAC7086D533DE13BB6A7ACE203F33530359E60690A0510AEEC24853DD4A90837"
Last-Modified: Wed, 01 Feb 2023 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4795
Expires: Fri, 03 Feb 2023 06:09:10 GMT
Date: Fri, 03 Feb 2023 04:49:15 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 6df4b5c91288cba3329ce52d922ba687
4c5d459da3ce1c13cd6feadb17318babb9857908
f8da4748a32d8a3919e1aa96ffd93ce1c69ababa8338b8767a6212f0ea049607
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F8DA4748A32D8A3919E1AA96FFD93CE1C69ABABA8338B8767A6212F0EA049607"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17887
Expires: Fri, 03 Feb 2023 09:47:22 GMT
Date: Fri, 03 Feb 2023 04:49:15 GMT
Connection: keep-alive
onetag-sys.com/usync/?pubId=2a897e3f18e6769&cb=1675399784176
204 No Content 0 B URL HTTP/2 onetag-sys.com/usync/?pubId=2a897e3f18e6769&cb=1675399784176
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /usync/?pubId=2a897e3f18e6769&cb=1675399784176 HTTP/1.1
Host: onetag-sys.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://simpsonitos.blog/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
cache-control: no-store
strict-transport-security: max-age=15552000
X-Firefox-Spdy: h2
p.cpx.to/p/12763/px.js
200 OK 2.0 kB IP
File type ASCII text, with very long lines (1990), with no line terminators
Hash 040d580a48229902c683623ac1d066a1
be6ca2aa413481fd7350c5c6cf5658c65dccb513
6e7ec1538f64f09356d095457fa3387b84619a8f32db7708a4a21957e7d33a3d
GET /p/12763/px.js HTTP/1.1
Host: p.cpx.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://simpsonitos.blog/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
cache-control: max-age=2419200, public
content-type: application/javascript; charset=UTF-8
date: Fri, 03 Feb 2023 04:49:14 GMT
Content-Length: 1990
Connection: keep-alive
image.tmdb.org/t/p/w1280/sn19IJTWcyciB7l1GGObY1rtVgE.jpg
200 OK 172 kB URL HTTP/2 image.tmdb.org/t/p/w1280/sn19IJTWcyciB7l1GGObY1rtVgE.jpg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1280x960, components 3\012- data
Size 172 kB (171450 bytes)
Hash df9ba1b0f408a3900d6cfd88c6c21de4
ffbc8ec35b1c2bb48df7f020a0500c77102bf475
1386033c5f138de9129a01fb56c81967b5353b8faf305bd84cf01f2fcdd42d4c
GET /t/p/w1280/sn19IJTWcyciB7l1GGObY1rtVgE.jpg HTTP/1.1
Host: image.tmdb.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://simpsonitos.blog/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/jpeg
content-length: 171450
date: Fri, 03 Feb 2023 04:49:14 GMT
server: openresty
cache-control: public, max-age=31536000
etag: "20614698ed7299ea6c2fa499ee80d177"
last-modified: Sat, 20 Feb 2021 12:51:33 GMT
imagery: degrade=85, sample=2x2, difference=1.085
cache-tag: sn19IJTWcyciB7l1GGObY1rtVgE
x-cache: Miss from cloudfront
via: 1.1 21da0a66bafe2c8de8be4a4d8039346a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: HS5lo1RYYslqtoLfVUEnZFayeo4LMjk4zIEnnDshQQIeonQ5paFIcw==
vary: Origin
X-Firefox-Spdy: h2
ads.themoneytizer.com/IIQUniversalID.js
200 OK 12 kB URL HTTP/2 ads.themoneytizer.com/IIQUniversalID.js
IP
ASN #60068 Datacamp Limited
File type ASCII text, with very long lines (52687), with no line terminators
Hash 8b92c73a7caa0bea29a6977e6383ec5d
1e9830bbc7fabc28fe2df902889b974f57c80714
846d9de97320f255fc3faf023677b7487506c68f7a6c667556c53f04f0657f60
GET /IIQUniversalID.js HTTP/1.1
Host: ads.themoneytizer.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://simpsonitos.blog/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 03 Feb 2023 04:49:14 GMT
content-type: application/javascript
last-modified: Wed, 12 Oct 2022 18:48:43 GMT
expires: Fri, 03 Feb 2023 05:03:48 GMT
cache-control: max-age=86400, public, no-transform
pragma: public
x-accel-expires: @1675400628
server: CDN77-Turbo
x-77-nzt: AblMCRSvBf3/Fk4BAA
x-77-nzt-ray: af585630e5a8bf3a4a92dc63775b8027
x-cache: HIT
x-age: 85526
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2
tag.leadplace.fr/libJsLP.js
200 OK 5.5 kB URL HTTP/1.1 tag.leadplace.fr/libJsLP.js
IP
Hash a0c24f993bc0901cfe62d1e801cb2b45
7eb2bdce06161ae486bc8e7ecd0b5c9c4f7b2984
80fccb00db57a177d26368cda09f8a540cf1aa641b8b6837047e86d3bd8d6333
GET /libJsLP.js HTTP/1.1
Host: tag.leadplace.fr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://simpsonitos.blog/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.20.1
Date: Fri, 03 Feb 2023 04:49:15 GMT
Content-Type: application/javascript
Content-Length: 5547
Last-Modified: Thu, 14 Oct 2021 07:27:52 GMT
ETag: "6167dbf8-15ab"
Accept-Ranges: bytes
X-IPLB-Request-ID: 5B5A2A9A:6A04_91EFC0A6:01BB_63DC924B_6A142013:237B9
X-IPLB-Instance: 30195
script.4dex.io/localstore.js
200 OK 268 B URL HTTP/1.1 script.4dex.io/localstore.js
IP
File type ASCII text, with very long lines (482)
Hash 58fe1f2623397cca72ecea6ee95d76b9
ac4d33ae761cf330574597936273a9c5d82f96d0
7cb0b5944c53bbacc5983fbef96aa0c1f514ec12da81666765610eae562a9020
GET /localstore.js HTTP/1.1
Host: script.4dex.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://simpsonitos.blog/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Fri, 03 Feb 2023 04:49:15 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: public, max-age=1800
ETag: W/"922cffdd75f7192f75231d92684885aa"
Last-Modified: Wed, 23 Nov 2022 15:43:18 GMT
Vary: Accept-Encoding
CF-Cache-Status: HIT
Age: 1855217
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QptEtuUEuWguTOm17fDH7jz7tx8xlUj9uJUahUpaaPUW%2B6%2FYW8G0Kn1QGqYaLos2TDc%2FdRY777q57MfyTh0Tv1U%2Bh4morXzgf5SuHw3BOQ0JyiftdA59dJPDGtG1Zzbv"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 793889f5d851b4f3-OSL
Content-Encoding: br
r3.o.lencr.org/
200 OK 16 kB IP
ASN #20940 Akamai International B.V.
Hash 635d0a33c39043b2d97598fe8803fa29
5b21a47cfad8374979e5a2eadb54c8c2eb1899ec
198f1dea5b2086550d358522572e4f5b098b4d4e48bc91db38ae34675a242609
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "740E3D2348357DB713554FF75471D18AD9D2A2E810F71B3BAB61984B026295FD"
Last-Modified: Thu, 02 Feb 2023 02:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5431
Expires: Fri, 03 Feb 2023 06:19:46 GMT
Date: Fri, 03 Feb 2023 04:49:15 GMT
Connection: keep-alive
ocsp.digicert.com/
200 OK 312 B IP
Hash 0357ce1eaac9d331781303579d73b50c
2f84b8aef61ded4d952b62558ecf0b4869fa3905
72222d88f13cf90b534ac445d8a0ab59c14dd5935f798a472ffea10b3eae48d6
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5837
Cache-Control: max-age=117793
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 04:49:15 GMT
Etag: "63dba49f-138"
Expires: Sat, 04 Feb 2023 13:32:28 GMT
Last-Modified: Thu, 02 Feb 2023 11:55:11 GMT
Server: ECS (ska/F706)
X-Cache: HIT
Content-Length: 312
ocsp.digicert.com/
200 OK 312 B IP
Hash 0357ce1eaac9d331781303579d73b50c
2f84b8aef61ded4d952b62558ecf0b4869fa3905
72222d88f13cf90b534ac445d8a0ab59c14dd5935f798a472ffea10b3eae48d6
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5837
Cache-Control: max-age=117793
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 04:49:15 GMT
Etag: "63dba49f-138"
Expires: Sat, 04 Feb 2023 13:32:28 GMT
Last-Modified: Thu, 02 Feb 2023 11:55:11 GMT
Server: ECS (ska/F706)
X-Cache: HIT
Content-Length: 312
tag.leadplace.fr/wckr.php?ref=https%3A%2F%2Fsimpsonitos.blog%2Fepisodio%2Flos-simpson-2x2%2F&id=MTIZ
200 OK 0 B URL HTTP/1.1 tag.leadplace.fr/wckr.php?ref=https%3A%2F%2Fsimpsonitos.blog%2Fepisodio%2Flos-simpson-2x2%2F&id=MTIZ
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /wckr.php?ref=https%3A%2F%2Fsimpsonitos.blog%2Fepisodio%2Flos-simpson-2x2%2F&id=MTIZ HTTP/1.1
Host: tag.leadplace.fr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://simpsonitos.blog/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.20.1
Date: Fri, 03 Feb 2023 04:49:15 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
X-IPLB-Request-ID: 5B5A2A9A:6A04_91EFC0A6:01BB_63DC924B_6A142016:237B9
X-IPLB-Instance: 30195
id5-sync.com/api/config/prebid
200 134 B URL HTTP/1.1 id5-sync.com/api/config/prebid
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 99be75395b3c89cdd6781761e5a85ad2
225a8b587c3545be2581aa9ac2b630b51679d7be
559ffc5fa5eadd77f8bfaaeb793648763e312a17391d8e6bbb7d8d3dec2147e1
POST /api/config/prebid HTTP/1.1
Host: id5-sync.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 95
Origin: https://simpsonitos.blog
Connection: keep-alive
Referer: https://simpsonitos.blog/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
access-control-allow-origin: https://simpsonitos.blog
access-control-allow-credentials: true
content-type: application/json;charset=UTF-8
transfer-encoding: chunked
date: Fri, 03 Feb 2023 04:49:14 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 774e8dff324a44a21c74e448f936c145
28b22f31bf115f7e55c35d9d6fb950827485a8f0
05877a5cfb2c69854fd69d1b8c7a03513662acea95bb61ceb0cc5c5213660ee5
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "05877A5CFB2C69854FD69D1B8C7A03513662ACEA95BB61CEB0CC5C5213660EE5"
Last-Modified: Tue, 31 Jan 2023 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5911
Expires: Fri, 03 Feb 2023 06:27:46 GMT
Date: Fri, 03 Feb 2023 04:49:15 GMT
Connection: keep-alive
script.4dex.io/adagio.js
200 OK 23 kB IP
File type ASCII text, with very long lines (65354)
Hash 0ffb2c9b6dd933ae18ab7dc729d58e69
bb88b2f3fc47452873348d1cdcb7ea3d4a2bbc10
0cd0e55fa43693dfe4b04a225bf7774eb3f66e232828f8d661547728475a12f2
GET /adagio.js HTTP/1.1
Host: script.4dex.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://simpsonitos.blog/
Origin: https://simpsonitos.blog
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Fri, 03 Feb 2023 04:49:15 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=1800
ETag: W/"c56b6332dacf72f135afcd153ae22448"
Last-Modified: Wed, 23 Nov 2022 15:43:17 GMT
Vary: Origin, Accept-Encoding
Access-Control-Expose-Headers:
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ai%2FuhuUS9HvmJNms0uGF9CcP%2F5w5Ik8yyzyaNEtUSj4RhQ8%2FtYVHqAulHj94r%2FEnfcwZH0qgQbJaBqaOP26Zr8icgaIOD8M1MDsU7iaGd7MKhQgB6hJlrla6MEjB5rHY"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 793889f63b81b50f-OSL
Content-Encoding: br
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 0b4dbfa81ee722e56748df63c442dfc7
0cd0df01f282a22c8d67ef5c9a9a209faf6c83b9
546b0e02f47e65e9941bbe504a4b3dea0d5a3a2e45e2c08ea02f67a53cd79119
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "546B0E02F47E65E9941BBE504A4B3DEA0D5A3A2E45E2C08EA02F67A53CD79119"
Last-Modified: Thu, 02 Feb 2023 14:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=1933
Expires: Fri, 03 Feb 2023 05:21:28 GMT
Date: Fri, 03 Feb 2023 04:49:15 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 795fd8179eb3a8f80fe7a7dad686cffa
2d48d68e87cdbd93d21c104cf2cd1b8e6c1deede
e6f376698b22de940593e0c4b11788f2fbae4b359716170c3408af96c668d576
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E6F376698B22DE940593E0C4B11788F2FBAE4B359716170C3408AF96C668D576"
Last-Modified: Thu, 02 Feb 2023 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14621
Expires: Fri, 03 Feb 2023 08:52:56 GMT
Date: Fri, 03 Feb 2023 04:49:15 GMT
Connection: keep-alive
kvt.sddan.com/api/v1/public/p/29567/d/50/s?callback=&gdpr=&gdpr_consent=&url=https%3A%2F%2Fsimpsonitos.blog%2Fepisodio%2Flos-simpson-2x2%2F
200 OK 562 B URL HTTP/1.1 kvt.sddan.com/api/v1/public/p/29567/d/50/s?callback=&gdpr=&gdpr_consent=&url=https%3A%2F%2Fsimpsonitos.blog%2Fepisodio%2Flos-simpson-2x2%2F
IP
File type JSON data\012- , ASCII text, with very long lines (1432), with no line terminators
Hash 07fe8c0e52164f6ea2ae8809c8ab2d71
eb6f25eb595aff7fae0d03e46463fdb1e7927e63
bc6eb1f56ca02242c4256c9bb7430aeb198dd3919c6381808da322dd0b3e78be
GET /api/v1/public/p/29567/d/50/s?callback=&gdpr=&gdpr_consent=&url=https%3A%2F%2Fsimpsonitos.blog%2Fepisodio%2Flos-simpson-2x2%2F HTTP/1.1
Host: kvt.sddan.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://simpsonitos.blog
Connection: keep-alive
Referer: https://simpsonitos.blog/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.20.2
Date: Fri, 03 Feb 2023 04:49:15 GMT
Content-Type: application/json; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: content-type
Access-Control-Allow-Methods: GET, OPTIONS
Access-Control-Allow-Origin: https://simpsonitos.blog
Cache-Control: private, max-age=60
Strict-Transport-Security: max-age=15724800; includeSubDomains; preload
Content-Encoding: gzip
ocsp.digicert.com/
200 OK 313 B IP
Hash 3de4fcca2691e9899de00c51ec720ad5
c3df63b0511cbdfb588e417692be11efab596f9c
24452e5e022f648140174cec0933dd72d3fbf7f8d566439928b73bbfa5282288
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4435
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 04:49:15 GMT
Last-Modified: Fri, 03 Feb 2023 03:35:20 GMT
Server: ECS (ska/F706)
X-Cache: HIT
Content-Length: 313
lb.eu-1-id5-sync.com/lb/v1
200 33 B URL HTTP/1.1 lb.eu-1-id5-sync.com/lb/v1
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 56133ec5b8096e0b55d06c53c513338a
ec8e47ce556ed3bb990ec1354ea14440819f642d
b543163c415452e1a85ab0891252b343a956b6dd3d1032a5ed565c143498da60
GET /lb/v1 HTTP/1.1
Host: lb.eu-1-id5-sync.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://simpsonitos.blog
Connection: keep-alive
Referer: https://simpsonitos.blog/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
access-control-allow-origin: https://simpsonitos.blog
content-type: application/json;charset=UTF-8
transfer-encoding: chunked
date: Fri, 03 Feb 2023 04:49:14 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
dnacdn.net/dna
200 OK 0 B IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /dna HTTP/1.1
Host: dnacdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://simpsonitos.blog
Connection: keep-alive
Referer: https://simpsonitos.blog/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 03 Feb 2023 04:49:15 GMT
server: Kestrel
content-length: 0
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
set-cookie: browser_data=0XokpV80M0RITmhlJTJCZkMwOUJGQlhaMUN2czdKd1h4aUQzampQVmhwOEVYMzJPa0M3SjBIU2p2YyUyQmRCZkFFenJTaG9SOA; expires=Wed, 28 Feb 2024 04:49:15 GMT; domain=dnacdn.net; path=/; secure; samesite=none
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://simpsonitos.blog
server-processing-duration-in-ticks: 243347
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
ocsp.sectigo.com/
200 OK 471 B IP
Hash 9b065dd10769b4123608f9a5e4605f6a
99ed1febf2e2e6e51fe64dc9ff0e84bb494a2369
78b576dd0b15b786715efdd4a5d204643f51e27e72593679775be417a3ccfa53
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 03 Feb 2023 04:49:15 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Thu, 02 Feb 2023 19:14:54 GMT
Expires: Thu, 09 Feb 2023 19:14:53 GMT
Etag: "99ed1febf2e2e6e51fe64dc9ff0e84bb494a2369"
Cache-Control: max-age=569737,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 793889f66a3bb51b-OSL
region1.google-analytics.com/g/collect?v=2&tid=G-PXQVJ5VZY6>m=45je3210&_p=288814847&gdid=dZTNiMT&cid=354389779.1675399784&ul=en-us&sr=1280x1024&uaW=1&_s=1&sid=1675399784&sct=1&seg=0&dl=https%3A%2F%2Fsimpsonitos.blog%2Fepisodio%2Flos-simpson-2x2%2F&dt=Los%20Simpson%202x2%20Archives%20-%20Simpsonitos&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
204 No Content 0 B URL HTTP/2 region1.google-analytics.com/g/collect?v=2&tid=G-PXQVJ5VZY6>m=45je3210&_p=288814847&gdid=dZTNiMT&cid=354389779.1675399784&ul=en-us&sr=1280x1024&uaW=1&_s=1&sid=1675399784&sct=1&seg=0&dl=https%3A%2F%2Fsimpsonitos.blog%2Fepisodio%2Flos-simpson-2x2%2F&dt=Los%20Simpson%202x2%20Archives%20-%20Simpsonitos&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-PXQVJ5VZY6>m=45je3210&_p=288814847&gdid=dZTNiMT&cid=354389779.1675399784&ul=en-us&sr=1280x1024&uaW=1&_s=1&sid=1675399784&sct=1&seg=0&dl=https%3A%2F%2Fsimpsonitos.blog%2Fepisodio%2Flos-simpson-2x2%2F&dt=Los%20Simpson%202x2%20Archives%20-%20Simpsonitos&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1 HTTP/1.1
Host: region1.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://simpsonitos.blog
Connection: keep-alive
Referer: https://simpsonitos.blog/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://simpsonitos.blog
date: Fri, 03 Feb 2023 04:49:15 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
s.cpx.to/fire.js?pid=12763&ref=&url=https%3A%2F%2Fsimpsonitos.blog%2Fepisodio%2Flos-simpson-2x2%2F&hn_ver=40&fid=d519f2e9-4f56-444d-a3fa-030d781bff8c
200 OK 685 B URL HTTP/1.1 s.cpx.to/fire.js?pid=12763&ref=&url=https%3A%2F%2Fsimpsonitos.blog%2Fepisodio%2Flos-simpson-2x2%2F&hn_ver=40&fid=d519f2e9-4f56-444d-a3fa-030d781bff8c
IP
File type ASCII text, with very long lines (685), with no line terminators
Hash d46788a558f8519b330d9f601f0bfe33
ee0006bce4c496df0cdf2ef76cc8f3ded1c11b49
1cfb12439c44851942ac1848492f53ca2b36b9a23b0a7810e51781232790496c
GET /fire.js?pid=12763&ref=&url=https%3A%2F%2Fsimpsonitos.blog%2Fepisodio%2Flos-simpson-2x2%2F&hn_ver=40&fid=d519f2e9-4f56-444d-a3fa-030d781bff8c HTTP/1.1
Host: s.cpx.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://simpsonitos.blog/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Fri, 03 Feb 2023 04:49:15 GMT
Content-Type: application/javascript; charset=UTF-8
Content-Length: 685
Connection: keep-alive
x-frame-options: sameorigin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: default-src 'self'
x-permitted-cross-domain-policies: none
cache-control: no-store, must-revalidate, private, max-age=0
pragma: no-cache
p3p: CP="NOI DEV ADM"
expires: Mon, 30 Jan 2023 15:28:39 UTC
set-cookie: cpSess=b7b1207e5730b1c; Expires=Sat, 03 Feb 2024 04:49:15 GMT; Domain=.cpx.to; Path=/; Secure; HttpOnly; SameSite=None
id5-sync.com/g/v2/12.json
200 216 B URL HTTP/1.1 id5-sync.com/g/v2/12.json
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash ebc2f5bca37f7e906eb00f04119e17a6
ce2649564167fcddb03af41d1f2b458a5941d49e
9049cef6e3129f1ca2911ac18501a3c06d597bd623037e771ca48ca6dce91e0d
POST /g/v2/12.json HTTP/1.1
Host: id5-sync.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 283
Origin: https://simpsonitos.blog
Connection: keep-alive
Referer: https://simpsonitos.blog/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
access-control-allow-origin: https://simpsonitos.blog
access-control-allow-credentials: true
content-type: application/json;charset=UTF-8
transfer-encoding: chunked
date: Fri, 03 Feb 2023 04:49:14 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
id5-sync.com/i/12/9.gif?gdpr=&gdpr_consent=
200 43 B URL HTTP/1.1 id5-sync.com/i/12/9.gif?gdpr=&gdpr_consent=
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash 07fff40b5dd495aca2ac4e1c3fbc60aa
e8ac224ba9ee97e87670ed6f3a2f0128b7af9fe4
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
GET /i/12/9.gif?gdpr=&gdpr_consent= HTTP/1.1
Host: id5-sync.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://simpsonitos.blog/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
p3p: CP="CAO PSA OUR"
set-cookie: cf=; Max-Age=300; Expires=Fri, 03-Feb-2023 04:54:15 GMT; Domain=id5-sync.com; Path=/; SameSite=None; Secure
cip=; Max-Age=300; Expires=Fri, 03-Feb-2023 04:54:15 GMT; Domain=id5-sync.com; Path=/; SameSite=None; Secure
cnac=; Max-Age=300; Expires=Fri, 03-Feb-2023 04:54:15 GMT; Domain=id5-sync.com; Path=/; SameSite=None; Secure
car=; Max-Age=300; Expires=Fri, 03-Feb-2023 04:54:15 GMT; Domain=id5-sync.com; Path=/; SameSite=None; Secure
gdpr=; Max-Age=300; Expires=Fri, 03-Feb-2023 04:54:15 GMT; Domain=id5-sync.com; Path=/; SameSite=None; Secure
callback=; Max-Age=300; Expires=Fri, 03-Feb-2023 04:54:15 GMT; Domain=id5-sync.com; Path=/; SameSite=None; Secure
content-type: image/gif;charset=UTF-8
transfer-encoding: chunked
date: Fri, 03 Feb 2023 04:49:14 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
c.tmyzer.com/c/?s=101661&f=44&fi=0
200 OK 0 B URL HTTP/1.1 c.tmyzer.com/c/?s=101661&f=44&fi=0
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /c/?s=101661&f=44&fi=0 HTTP/1.1
Host: c.tmyzer.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://simpsonitos.blog
Connection: keep-alive
Referer: https://simpsonitos.blog/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 03 Feb 2023 04:49:15 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Access-Control-Allow-Origin: *
X-IPLB-Request-ID: 5B5A2A9A:8408_36264064:01BB_63DC924B_22FDFBE:2C9C0
X-IPLB-Instance: 20686
ced.sascdn.com/tag/1097/smart.js
200 OK 33 kB URL HTTP/1.1 ced.sascdn.com/tag/1097/smart.js
IP
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (65536), with no line terminators
Hash ab5d7bcba6f9bbe86e71d3f75061efc8
bf137eb7dc8285e29d986f6b8f3272f6f979bc0e
a973cdadddcd9ba18f6e262f602d39e091090e4a94ac036b3fc4f7428e5b84e6
GET /tag/1097/smart.js HTTP/1.1
Host: ced.sascdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://simpsonitos.blog/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=UTF-8
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Length: 32964
Cache-Control: public, max-age=7200
Expires: Fri, 03 Feb 2023 06:49:15 GMT
Date: Fri, 03 Feb 2023 04:49:15 GMT
Connection: keep-alive
d2zur9cc2gf1tx.cloudfront.net/a96081b6-db78-48c4-9f82-b93e316fb1f7/notifyme.js
200 OK 26 kB URL HTTP/1.1 d2zur9cc2gf1tx.cloudfront.net/a96081b6-db78-48c4-9f82-b93e316fb1f7/notifyme.js
IP
File type ASCII text, with very long lines (16085)
Hash 8703fc9eead243fe2f47380e962d7fa2
3d9f707259112fa9ccdd1e676f00eadcff71906c
b47b4ca26c57e3dceebd7abd067df9622599bed6bfb11b480f92d09a945cd213
GET /a96081b6-db78-48c4-9f82-b93e316fb1f7/notifyme.js HTTP/1.1
Host: d2zur9cc2gf1tx.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://simpsonitos.blog/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: text/javascript
Content-Length: 25704
Connection: keep-alive
Accept-Ranges: bytes
Last-Modified: Mon, 18 Feb 2019 16:54:28 GMT
Server: Apache
Date: Fri, 03 Feb 2023 02:21:27 GMT
X-Cache: Hit from cloudfront
Via: 1.1 6cb1d4b545e7beb4ead790454f4807c6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: OVPfRMcrnd8-PU-DssEl9e7xSmS49_a1VCPwCD5_4Cyl46vWUK9NNQ==
Age: 8869
ads.themoneytizer.com/bidder1/moneybid.js?siteid=101661&adid=44&formatid=116434&size=desktop
200 OK 20 kB URL HTTP/2 ads.themoneytizer.com/bidder1/moneybid.js?siteid=101661&adid=44&formatid=116434&size=desktop
IP
ASN #60068 Datacamp Limited
File type JSON data\012- HTML document, ASCII text, with very long lines (1490)
Hash 313c304c6fdff6e9bb197765f7320368
935ad6e0c08cca07b168ccc695ac356198607dfa
037958400f47f11c9d7be993c3b709ca2b8a8e07a379a832f699cc2966217d67
GET /bidder1/moneybid.js?siteid=101661&adid=44&formatid=116434&size=desktop HTTP/1.1
Host: ads.themoneytizer.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://simpsonitos.blog
Connection: keep-alive
Referer: https://simpsonitos.blog/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 03 Feb 2023 04:49:15 GMT
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://simpsonitos.blog
cache-control: max-age=604800
x-accel-expires: @1676004555
server: CDN77-Turbo
vary: Origin
x-77-nzt: AblMCRQetPqh
x-77-nzt-ray: af585630e5a8bf3a4b92dc631c03141c
x-cache: MISS
x-77-pop: stockholmSE
x-77-cache: MISS
content-encoding: gzip
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 471 B IP
Hash f1d7caa3990755c35b3e67326ce30c48
0564b1aaab6c757a54df2cf0a1f625af03fa179c
ddfb8bd82c7416a8b00612e89b74455b8bd256a757ccfcdb2dba4a3bf17b162b
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5089
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 04:49:15 GMT
Last-Modified: Fri, 03 Feb 2023 03:24:26 GMT
Server: ECS (ska/F706)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 9bfd33253208c9d034988400d66abd5d
8811fd76d9bc56c15431433f8f08d648185992ed
6382de7eb2bc0b40dc6d2e21ab8b6cb90cc0effe3241e3fb5008d2e4f626e92c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 04:49:15 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
gum.criteo.com/sync?c=147&r=2&j=criteoCallback
200 OK 0 B URL HTTP/2 gum.criteo.com/sync?c=147&r=2&j=criteoCallback
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /sync?c=147&r=2&j=criteoCallback HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: x-crto-bundle
Referer: https://simpsonitos.blog/
Origin: https://simpsonitos.blog
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 03 Feb 2023 04:49:14 GMT
server: Kestrel
content-length: 0
cache-control: private, max-age=3600
expires: 60
access-control-allow-credentials: true
access-control-allow-headers: X-CRTO-SID, X-CRTO-IDCPY, X-CRTO-OPTOUT, X-CRTO-BUNDLE
access-control-allow-origin: https://simpsonitos.blog
server-processing-duration-in-ticks: 639442
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 9bfd33253208c9d034988400d66abd5d
8811fd76d9bc56c15431433f8f08d648185992ed
6382de7eb2bc0b40dc6d2e21ab8b6cb90cc0effe3241e3fb5008d2e4f626e92c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 04:49:15 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
200 OK 471 B IP
Hash aeea9e144cc0f54034a171c595f109db
10492fe44c12c2ac14e85aabab86ce062c2fbb2a
32d7b2564e83e3e9b695af9b7237949dbbaf5b0012b5f2a5ad314483ea02b3af
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1875
Cache-Control: max-age=105511
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 04:49:15 GMT
Etag: "63db841f-1d7"
Expires: Sat, 04 Feb 2023 10:07:46 GMT
Last-Modified: Thu, 02 Feb 2023 09:36:31 GMT
Server: ECS (ska/F718)
X-Cache: HIT
Content-Length: 471
ocsp.globalsign.com/gsgccr3dvtlsca2020
200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsgccr3dvtlsca2020
IP
Hash 4447fc93472fd91894913da45e59088e
753eaf5093baf0c3af4878a7f7cddbca6bce0f05
0ea0a8e65a61807cbd85e2b3f8bf02befe78cb1344a74ac08673dd00d421a80d
POST /gsgccr3dvtlsca2020 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 03 Feb 2023 04:49:15 GMT
Content-Type: application/ocsp-response
Content-Length: 1414
Connection: keep-alive
Expires: Tue, 07 Feb 2023 03:43:18 GMT
ETag: "753eaf5093baf0c3af4878a7f7cddbca6bce0f05"
Last-Modified: Fri, 03 Feb 2023 03:43:19 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1793
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 793889f91c4d1c0e-OSL
secure.adnxs.com/getuid?https%3A%2F%2Fs.cpx.to%2Fan_fire%3Fapp_nexus_uid%3D%24UID%26pid%3D12763%26ref%3D%26url%3Dhttps%253A%252F%252Fsimpsonitos.blog%252Fepisodio%252Flos-simpson-2x2%252F%26hn_ver%3D40%26fid%3Dd519f2e9-4f56-444d-a3fa-030d781bff8c
307 Redirection 0 B URL HTTP/1.1 secure.adnxs.com/getuid?https%3A%2F%2Fs.cpx.to%2Fan_fire%3Fapp_nexus_uid%3D%24UID%26pid%3D12763%26ref%3D%26url%3Dhttps%253A%252F%252Fsimpsonitos.blog%252Fepisodio%252Flos-simpson-2x2%252F%26hn_ver%3D40%26fid%3Dd519f2e9-4f56-444d-a3fa-030d781bff8c
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /getuid?https%3A%2F%2Fs.cpx.to%2Fan_fire%3Fapp_nexus_uid%3D%24UID%26pid%3D12763%26ref%3D%26url%3Dhttps%253A%252F%252Fsimpsonitos.blog%252Fepisodio%252Flos-simpson-2x2%252F%26hn_ver%3D40%26fid%3Dd519f2e9-4f56-444d-a3fa-030d781bff8c HTTP/1.1
Host: secure.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://simpsonitos.blog/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Redirection
Server: nginx/1.21.3
Date: Fri, 03 Feb 2023 04:49:15 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Location: https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fs.cpx.to%252Fan_fire%253Fapp_nexus_uid%253D%2524UID%2526pid%253D12763%2526ref%253D%2526url%253Dhttps%25253A%25252F%25252Fsimpsonitos.blog%25252Fepisodio%25252Flos-simpson-2x2%25252F%2526hn_ver%253D40%2526fid%253Dd519f2e9-4f56-444d-a3fa-030d781bff8c
AN-X-Request-Uuid: a6528f00-7271-4eb9-b22d-fb1648d27ecf
Set-Cookie: uuid2=7171990413621859394; SameSite=None; Path=/; Max-Age=7776000; Expires=Thu, 04-May-2023 04:49:15 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
cm.g.doubleclick.net/pixel?google_nid=captify_dmp&google_cm&dsp=dbm&fid=d519f2e9-4f56-444d-a3fa-030d781bff8c
302 Found 341 B URL HTTP/2 cm.g.doubleclick.net/pixel?google_nid=captify_dmp&google_cm&dsp=dbm&fid=d519f2e9-4f56-444d-a3fa-030d781bff8c
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Hash 4dc7f3bfc0cbc01d502ae4868907d2b7
72c1281fa974e4efeb5c8ba21286fdbf4da6c879
8b335e78b6f56cb7b61f86bae9446b97dffa6e6d444f8f25c0671ae7ba40ab3f
GET /pixel?google_nid=captify_dmp&google_cm&dsp=dbm&fid=d519f2e9-4f56-444d-a3fa-030d781bff8c HTTP/1.1
Host: cm.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://simpsonitos.blog/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://cm.g.doubleclick.net/pixel?google_nid=captify_dmp&google_cm=&dsp=dbm&fid=d519f2e9-4f56-444d-a3fa-030d781bff8c&google_tc=
date: Fri, 03 Feb 2023 04:49:15 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
server: HTTP server (unknown)
content-length: 341
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Fri, 03-Feb-2023 05:04:15 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
spl.zeotap.com/?env=mWeb&eventType=pageview&zdid=1258
200 OK 631 B URL HTTP/2 spl.zeotap.com/?env=mWeb&eventType=pageview&zdid=1258
IP
File type ASCII text, with no line terminators
Hash 4f6b2c6eefadc53471755b556d7e744f
af5c5fa7008eff41fb669ef50b740b11e0f34422
a819910978be7cdb8998466527b055d8609ac209bf9b34ef2886080500bc4f7b
GET /?env=mWeb&eventType=pageview&zdid=1258 HTTP/1.1
Host: spl.zeotap.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://simpsonitos.blog
Connection: keep-alive
Referer: https://simpsonitos.blog/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 03 Feb 2023 04:49:15 GMT
content-type: text/html
access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-origin: https://simpsonitos.blog
set-cookie: zc=9aed1f6c-8715-45d5-6da7-5b6d4d7b023c; Path=/; Domain=.zeotap.com; Max-Age=31536000; SameSite=None; Secure
zsc=D%A3H%1D%AAF%E9-f8%D6%DA%9A%A7%3D%BA%CC%80_%861%E4%ED%E4%22%BD%E3%88%D7N%84%DA%16%25k%09%3Dl-9V%DB%F4%A1%9A%DB%00%AA%1E%88i%A7i%B2%5B%2B%D1%EC%A4%F0%DE~%FE%D4%A0%7B%F8%0B%3F%60%C5-D%02%DD%B4W%95%0Bu~%C4%A7; Path=/; Domain=.zeotap.com; Max-Age=86400; SameSite=None; Secure
vary: Origin
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 793889f5bebdb500-OSL
content-encoding: br
X-Firefox-Spdy: h2
match.adsrvr.org/track/cmf/generic?ttd_pid=0fkciot&ttd_tpi=1
200 OK 423 B URL HTTP/2 match.adsrvr.org/track/cmf/generic?ttd_pid=0fkciot&ttd_tpi=1
IP
Hash 6ad8b7fc606cd79c1d8238c88fabb88e
0fe18c74a4ee24332e06933922d97db612ac9d07
c0a80b41bf4c6b2e9cb8897f61008659a8beb1f4dbd8fed80e22efb6ddb3c306
GET /track/cmf/generic?ttd_pid=0fkciot&ttd_tpi=1 HTTP/1.1
Host: match.adsrvr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://simpsonitos.blog/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 03 Feb 2023 04:49:15 GMT
content-type: image/gif
content-length: 70
cache-control: private,no-cache, must-revalidate
pragma: no-cache
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 9bfd33253208c9d034988400d66abd5d
8811fd76d9bc56c15431433f8f08d648185992ed
6382de7eb2bc0b40dc6d2e21ab8b6cb90cc0effe3241e3fb5008d2e4f626e92c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 04:49:15 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fs.cpx.to%252Fan_fire%253Fapp_nexus_uid%253D%2524UID%2526pid%253D12763%2526ref%253D%2526url%253Dhttps%25253A%25252F%25252Fsimpsonitos.blog%25252Fepisodio%25252Flos-simpson-2x2%25252F%2526hn_ver%253D40%2526fid%253Dd519f2e9-4f56-444d-a3fa-030d781bff8c
302 Found 0 B URL HTTP/1.1 secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fs.cpx.to%252Fan_fire%253Fapp_nexus_uid%253D%2524UID%2526pid%253D12763%2526ref%253D%2526url%253Dhttps%25253A%25252F%25252Fsimpsonitos.blog%25252Fepisodio%25252Flos-simpson-2x2%25252F%2526hn_ver%253D40%2526fid%253Dd519f2e9-4f56-444d-a3fa-030d781bff8c
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /bounce?%2Fgetuid%3Fhttps%253A%252F%252Fs.cpx.to%252Fan_fire%253Fapp_nexus_uid%253D%2524UID%2526pid%253D12763%2526ref%253D%2526url%253Dhttps%25253A%25252F%25252Fsimpsonitos.blog%25252Fepisodio%25252Flos-simpson-2x2%25252F%2526hn_ver%253D40%2526fid%253Dd519f2e9-4f56-444d-a3fa-030d781bff8c HTTP/1.1
Host: secure.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://simpsonitos.blog/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Server: nginx/1.21.3
Date: Fri, 03 Feb 2023 04:49:15 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Location: https://s.cpx.to/an_fire?app_nexus_uid=0&pid=12763&ref=&url=https%3A%2F%2Fsimpsonitos.blog%2Fepisodio%2Flos-simpson-2x2%2F&hn_ver=40&fid=d519f2e9-4f56-444d-a3fa-030d781bff8c
AN-X-Request-Uuid: b0fa60fb-e115-4159-9251-df61cb012084
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm=&zpartnerid=1&env=mWeb&eventType=pageview&id_mid_4=9aed1f6c-8715-45d5-6da7-5b6d4d7b023c&reqId=68c14165-ead0-4ec1-6b94-9019fdcf4362&zdid=1258&google_tc=
302 Found 437 B URL HTTP/2 cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm=&zpartnerid=1&env=mWeb&eventType=pageview&id_mid_4=9aed1f6c-8715-45d5-6da7-5b6d4d7b023c&reqId=68c14165-ead0-4ec1-6b94-9019fdcf4362&zdid=1258&google_tc=
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Hash 0b111e169bdeaf20d2a2cfc8ad176f9b
9f44ec4e8cde0756abd0125183e5430df3676303
fda31567114bb8b7a0849590befe2fb960f05ed60242c2344060922c41807c0e
GET /pixel?google_nid=zeotap_ddp&google_cm=&zpartnerid=1&env=mWeb&eventType=pageview&id_mid_4=9aed1f6c-8715-45d5-6da7-5b6d4d7b023c&reqId=68c14165-ead0-4ec1-6b94-9019fdcf4362&zdid=1258&google_tc= HTTP/1.1
Host: cm.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://simpsonitos.blog/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
location: https://mwzeom.zeotap.com/mw?google_gid=&google_cver=&zpartnerid=1&env=mWeb&eventType=pageview&id_mid_4=9aed1f6c-8715-45d5-6da7-5b6d4d7b023c&reqId=68c14165-ead0-4ec1-6b94-9019fdcf4362&zdid=1258&google_error=3
date: Fri, 03 Feb 2023 04:49:15 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
server: HTTP server (unknown)
content-length: 437
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
cm.g.doubleclick.net/pixel?google_nid=captify_dmp&google_cm=&dsp=dbm&fid=d519f2e9-4f56-444d-a3fa-030d781bff8c&google_tc=
302 Found 292 B URL HTTP/2 cm.g.doubleclick.net/pixel?google_nid=captify_dmp&google_cm=&dsp=dbm&fid=d519f2e9-4f56-444d-a3fa-030d781bff8c&google_tc=
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Hash 382445289589a4a7b90ed809c05f46fd
030bdbb441723544f70235d05534da44a2a59142
955579be6b5a4ef7df615c675fdf07171b2234a5fed5eb72206fa52e21132021
GET /pixel?google_nid=captify_dmp&google_cm=&dsp=dbm&fid=d519f2e9-4f56-444d-a3fa-030d781bff8c&google_tc= HTTP/1.1
Host: cm.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://simpsonitos.blog/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
location: https://s.cpx.to/ca.png?dsp=dbm&fid=d519f2e9-4f56-444d-a3fa-030d781bff8c&google_error=3
date: Fri, 03 Feb 2023 04:49:15 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
server: HTTP server (unknown)
content-length: 292
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
s.cpx.to/ca.png?dsp=dbm&fid=d519f2e9-4f56-444d-a3fa-030d781bff8c&google_error=3
200 OK 95 B URL HTTP/1.1 s.cpx.to/ca.png?dsp=dbm&fid=d519f2e9-4f56-444d-a3fa-030d781bff8c&google_error=3
IP
File type PNG image data, 1 x 1, 1-bit colormap, non-interlaced\012- data
Hash 9606fa62df0ffe87253f3baf418f0e42
fe8520ab0bf1622350513d685ece5faf70b4e8c1
bf27786b4381176350787d768bf5f7c5310ba640aa48ee98a3d2c310ddd971ab
GET /ca.png?dsp=dbm&fid=d519f2e9-4f56-444d-a3fa-030d781bff8c&google_error=3 HTTP/1.1
Host: s.cpx.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://simpsonitos.blog/
Connection: keep-alive
Cookie: cpSess=b7b1207e5730b1c
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Fri, 03 Feb 2023 04:49:15 GMT
Content-Type: image/png
Content-Length: 95
Connection: keep-alive
x-frame-options: sameorigin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: default-src 'self'
x-permitted-cross-domain-policies: none
cache-control: no-store, must-revalidate, private, max-age=0
pragma: no-cache
set-cookie: cpSess=b7b1207e5730b1c; Expires=Sat, 03 Feb 2024 04:49:15 GMT; Domain=.cpx.to; Path=/; Secure; HttpOnly; SameSite=None
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash d55ed66d0b4cd5c28f8282b451d64704
1b67339a6c080a855be021bf00bd710daf00c6b6
95e8e5fec7fc51d4c0c6f3f7f209cd1e19bb88fe1264f3b4c329895266489669
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "95E8E5FEC7FC51D4C0C6F3F7F209CD1E19BB88FE1264F3B4C329895266489669"
Last-Modified: Thu, 02 Feb 2023 13:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12442
Expires: Fri, 03 Feb 2023 08:16:37 GMT
Date: Fri, 03 Feb 2023 04:49:15 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash bbeb609cbf32a8842bf96a124588e65e
40c0f548bcb714731f62df5a27cad21adef0463d
502c60a18a13b84598933731d182aafd4b83576bfc56451b36f9238c621a571d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 04:49:15 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
mwzeom.zeotap.com/mw?google_gid=&google_cver=&zpartnerid=1&env=mWeb&eventType=pageview&id_mid_4=9aed1f6c-8715-45d5-6da7-5b6d4d7b023c&reqId=68c14165-ead0-4ec1-6b94-9019fdcf4362&zdid=1258&google_error=3
200 OK 95 B URL HTTP/2 mwzeom.zeotap.com/mw?google_gid=&google_cver=&zpartnerid=1&env=mWeb&eventType=pageview&id_mid_4=9aed1f6c-8715-45d5-6da7-5b6d4d7b023c&reqId=68c14165-ead0-4ec1-6b94-9019fdcf4362&zdid=1258&google_error=3
IP
File type PNG image data, 1 x 1, 1-bit colormap, non-interlaced\012- data
Hash 71a50dbba44c78128b221b7df7bb51f1
0ec63b140374ba704a58fa0c743cb357683313dd
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
GET /mw?google_gid=&google_cver=&zpartnerid=1&env=mWeb&eventType=pageview&id_mid_4=9aed1f6c-8715-45d5-6da7-5b6d4d7b023c&reqId=68c14165-ead0-4ec1-6b94-9019fdcf4362&zdid=1258&google_error=3 HTTP/1.1
Host: mwzeom.zeotap.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://simpsonitos.blog/
Connection: keep-alive
Cookie: zc=9aed1f6c-8715-45d5-6da7-5b6d4d7b023c; zsc=D%A3H%1D%AAF%E9-f8%D6%DA%9A%A7%3D%BA%CC%80_%861%E4%ED%E4%22%BD%E3%88%D7N%84%DA%16%25k%09%3Dl-9V%DB%F4%A1%9A%DB%00%AA%1E%88i%A7i%B2%5B%2B%D1%EC%A4%F0%DE~%FE%D4%A0%7B%F8%0B%3F%60%C5-D%02%DD%B4W%95%0Bu~%C4%A7
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 03 Feb 2023 04:49:15 GMT
content-type: image/png
content-length: 95
access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-origin: https://simpsonitos.blog
set-cookie: zc=9aed1f6c-8715-45d5-6da7-5b6d4d7b023c; Path=/; Domain=.zeotap.com; Max-Age=31536000; SameSite=None; Secure
vary: Origin
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 793889f9b863b500-OSL
X-Firefox-Spdy: h2
s.cpx.to/an_fire?app_nexus_uid=0&pid=12763&ref=&url=https%3A%2F%2Fsimpsonitos.blog%2Fepisodio%2Flos-simpson-2x2%2F&hn_ver=40&fid=d519f2e9-4f56-444d-a3fa-030d781bff8c
200 OK 95 B URL HTTP/1.1 s.cpx.to/an_fire?app_nexus_uid=0&pid=12763&ref=&url=https%3A%2F%2Fsimpsonitos.blog%2Fepisodio%2Flos-simpson-2x2%2F&hn_ver=40&fid=d519f2e9-4f56-444d-a3fa-030d781bff8c
IP
File type PNG image data, 1 x 1, 1-bit colormap, non-interlaced\012- data
Hash 9606fa62df0ffe87253f3baf418f0e42
fe8520ab0bf1622350513d685ece5faf70b4e8c1
bf27786b4381176350787d768bf5f7c5310ba640aa48ee98a3d2c310ddd971ab
GET /an_fire?app_nexus_uid=0&pid=12763&ref=&url=https%3A%2F%2Fsimpsonitos.blog%2Fepisodio%2Flos-simpson-2x2%2F&hn_ver=40&fid=d519f2e9-4f56-444d-a3fa-030d781bff8c HTTP/1.1
Host: s.cpx.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://simpsonitos.blog/
Connection: keep-alive
Cookie: cpSess=b7b1207e5730b1c
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Fri, 03 Feb 2023 04:49:15 GMT
Content-Type: image/png
Content-Length: 95
Connection: keep-alive
x-frame-options: sameorigin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: default-src 'self'
x-permitted-cross-domain-policies: none
cache-control: no-store, must-revalidate, private, max-age=0
pragma: no-cache
set-cookie: cpSess=b7b1207e5730b1c; Expires=Sat, 03 Feb 2024 04:49:15 GMT; Domain=.cpx.to; Path=/; Secure; HttpOnly; SameSite=None
p3p: CP="NOI DEV ADM"
expires: Fri, 03 Feb 2023 04:49:15 UTC
ocsp.digicert.com/
200 OK 313 B IP
Hash 715806b036d01666267128c6d97faf0e
8416126b5e46dcdc8b068cd6e2408878c1bcdfeb
834be2a6ba0f4e731963c0d35a9ec3cb89aef79652afd5712cadd5607e2adf10
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6172
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 04:49:15 GMT
Last-Modified: Fri, 03 Feb 2023 03:06:23 GMT
Server: ECS (ska/F706)
X-Cache: HIT
Content-Length: 313
ajax.googleapis.com/ajax/libs/jquery/3.0.0/jquery.min.js
200 OK 30 kB URL HTTP/2 ajax.googleapis.com/ajax/libs/jquery/3.0.0/jquery.min.js
IP
File type ASCII text, with very long lines (32034)
Hash c54aac7ef64c39b4f384e0d5771d3b46
d3e059104378a3844862a5ed12a13f5d423e86b6
3e1b5002dd64d185f806edeefd333348f423584d876cfc966b5c13884c8fe3da
GET /ajax/libs/jquery/3.0.0/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://simpsonitos.blog/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 30186
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 28 Jan 2023 18:53:23 GMT
expires: Sun, 28 Jan 2024 18:53:23 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 467752
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
rules.quantcount.com/rules-p-6Fv0cGNfc_bw8.js
200 OK 671 B URL HTTP/2 rules.quantcount.com/rules-p-6Fv0cGNfc_bw8.js
IP
Hash 33ce999ffd6810bdb45d8acad8f90ad0
24be76c95bb2c43a3c4e0e09d7d360a93e0a86fb
0b4f9196da2d827f4eddf0e2fcc01b18c1d93c0210f25f477584dfa0bd6f7bed
GET /rules-p-6Fv0cGNfc_bw8.js HTTP/1.1
Host: rules.quantcount.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://simpsonitos.blog/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
last-modified: Thu, 13 Oct 2022 22:35:53 GMT
x-amz-server-side-encryption: AES256
server: AmazonS3
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
access-control-allow-methods: GET
content-encoding: gzip
date: Fri, 03 Feb 2023 04:40:03 GMT
cache-control: max-age=3600
etag: W/"1f431dc94c1f033d6666f0fe637e2d7b"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 fc5e625db631bc657fc73f189d53fa14.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: OxBs_QWzKk6-b_Ea126HQXeQZCBJYdV3Lw1vWvpLGkq_yTSTWZbGpw==
age: 553
X-Firefox-Spdy: h2
csm.fr.eu.criteo.net/iev?entry=c~Idfs.Rtus.147.Events.StartInit~1&entry=c~Idfs.Rtus.147.Origin.FromBundle~1&entry=c~Idfs.Rtus.147.Headers.Bundle~1&entry=c~Idfs.Rtus.147.Events.InitiateFetch~1
200 OK 43 B URL HTTP/2 csm.fr.eu.criteo.net/iev?entry=c~Idfs.Rtus.147.Events.StartInit~1&entry=c~Idfs.Rtus.147.Origin.FromBundle~1&entry=c~Idfs.Rtus.147.Headers.Bundle~1&entry=c~Idfs.Rtus.147.Events.InitiateFetch~1
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash b4491705564909da7f9eaf749dbbfbb1
279315d507855c6a4351e1e2c2f39dd9cd2fccd8
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
GET /iev?entry=c~Idfs.Rtus.147.Events.StartInit~1&entry=c~Idfs.Rtus.147.Origin.FromBundle~1&entry=c~Idfs.Rtus.147.Headers.Bundle~1&entry=c~Idfs.Rtus.147.Events.InitiateFetch~1 HTTP/1.1
Host: csm.fr.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://simpsonitos.blog/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 03 Feb 2023 04:49:15 GMT
pragma: no-cache
server: Finatra
expires: 0
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
content-length: 43
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash bbeb609cbf32a8842bf96a124588e65e
40c0f548bcb714731f62df5a27cad21adef0463d
502c60a18a13b84598933731d182aafd4b83576bfc56451b36f9238c621a571d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 04:49:15 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
200 OK 313 B IP
Hash 23692097ca31908592060984aae6cc6e
3e06e4c092a9d9dd647d76ee58291528934df221
d7c4a696b9dd736862a5065352d3c9b37ae045a08452e40df7edf46c249983b8
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3238
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 04:49:16 GMT
Last-Modified: Fri, 03 Feb 2023 03:55:18 GMT
Server: ECS (ska/F718)
X-Cache: HIT
Content-Length: 313
ocsp.digicert.com/
200 OK 313 B IP
Hash 23692097ca31908592060984aae6cc6e
3e06e4c092a9d9dd647d76ee58291528934df221
d7c4a696b9dd736862a5065352d3c9b37ae045a08452e40df7edf46c249983b8
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3214
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 04:49:16 GMT
Last-Modified: Fri, 03 Feb 2023 03:55:42 GMT
Server: ECS (ska/F706)
X-Cache: HIT
Content-Length: 313
ww1097.smartadserver.com/genericpost
204 No Content 0 B URL HTTP/1.1 ww1097.smartadserver.com/genericpost
IP
ASN #60781 LeaseWeb Netherlands B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /genericpost HTTP/1.1
Host: ww1097.smartadserver.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://simpsonitos.blog/
Origin: https://simpsonitos.blog
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
date: Fri, 03 Feb 2023 04:49:15 GMT
access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET,HEAD,POST
access-control-allow-origin: https://simpsonitos.blog
vary: Origin
ww1097.smartadserver.com/genericpost
200 OK 288 B URL HTTP/1.1 ww1097.smartadserver.com/genericpost
IP
ASN #60781 LeaseWeb Netherlands B.V.
File type ASCII text, with very long lines (602), with no line terminators
Hash 8ee4e2647b0638780d7ec0cdf9a8ac3f
e4645ec14f67f08f7029763712a287ef710fad5d
787888c5dbfe0c97f8be8403062fbb692746f44ee7ecfbaf7a108b62a15df381
POST /genericpost HTTP/1.1
Host: ww1097.smartadserver.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
content-type: application/javascript
Content-Length: 910
Origin: https://simpsonitos.blog
Connection: keep-alive
Referer: https://simpsonitos.blog/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
content-type: application/javascript; charset=UTF-8
date: Fri, 03 Feb 2023 04:49:15 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://simpsonitos.blog
cache-control: no-cache,no-store
content-encoding: br
pragma: no-cache
set-cookie: pbw=%24b%3d12999%3b%24o%3d11100%3b%24sw%3d1280%3b%24sh%3d1024; expires=Sat, 03 Feb 2024 04:49:16 GMT; domain=.smartadserver.com; path=/
vs=556541=5306689; domain=.smartadserver.com; path=/
TestIfCookie=ok; domain=.smartadserver.com; path=/
TestIfCookieP=ok; expires=Sat, 03 Feb 2024 04:49:16 GMT; domain=.smartadserver.com; path=/
pid=8141586027288445390; expires=Sat, 03 Feb 2024 04:49:16 GMT; domain=.smartadserver.com; path=/
sasd2=q=%24qc%3D1311348260%3B%24ql%3DMedium%3B%24qpc%3D1006%3B%24qt%3D216_1430_41056t%3B%24dma%3D0&c=1&l=819242284&lo=988266927<=638109965560615566&o=1; expires=Sat, 04 Feb 2023 04:49:16 GMT; domain=.smartadserver.com; path=/
sasd=%24qc%3D1311348260%3B%24ql%3DMedium%3B%24qpc%3D1006%3B%24qt%3D216_1430_41056t%3B%24dma%3D0; expires=Sat, 04 Feb 2023 04:49:16 GMT; domain=.smartadserver.com; path=/
transfer-encoding: chunked
vary: Accept-Encoding, Origin
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
ocsp.sca1b.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP
Hash bf413e198818e81c68c5ca9c90eedb3b
5478572050ea4bc5f079ae42660e48fec7564379
55b626520be6e3a763aff959bb2b2d54fdbf40561fda9afb493e98540b9eaae8
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Fri, 03 Feb 2023 04:49:16 GMT
Last-Modified: Fri, 03 Feb 2023 03:29:02 GMT
Server: ECS (bsa/EB1D)
X-Cache: Miss from cloudfront
Via: 1.1 9d4a908d41124cba1276d6cef8f00c60.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: HkFu6Wbo1oRe_ru436PlGwEBQpgIvHF_6EK1aocYHFmJ49fUYtVL5w==
Age: 4814
ads.themoneytizer.com/lib_footer_slidein.js
200 OK 4.6 kB URL HTTP/2 ads.themoneytizer.com/lib_footer_slidein.js
IP
ASN #60068 Datacamp Limited
Hash 465c8720599324d28087dc3b98691cf9
81a75372978e3f09f8b7ca3c5233d66d416431f4
9d4b808ce23d555f45bdf696809df7ec304b9ef88b3e2548b219feb2be977403
GET /lib_footer_slidein.js HTTP/1.1
Host: ads.themoneytizer.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://simpsonitos.blog/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 03 Feb 2023 04:49:16 GMT
content-type: application/javascript
last-modified: Wed, 25 Jan 2023 15:22:30 GMT
expires: Fri, 03 Feb 2023 05:03:48 GMT
cache-control: max-age=86400, public, no-transform
pragma: public
x-accel-expires: @1675400628
server: CDN77-Turbo
x-77-nzt: AblMCRSX0Tn/GE4BAA
x-77-nzt-ray: af585630e5a8bf3a4c92dc6318f2ba05
x-cache: HIT
x-age: 85528
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2
adtrack.adleadevent.com/notifyme.php?st=a96081b6-db78-48c4-9f82-b93e316fb1f7
200 OK 20 B URL HTTP/1.1 adtrack.adleadevent.com/notifyme.php?st=a96081b6-db78-48c4-9f82-b93e316fb1f7
IP
Hash 7029066c27ac6f5ef18d660d5741979a
46c6643f07aa7f6bfe7118de926b86defc5087c4
59869db34853933b239f1e2219cf7d431da006aa919635478511fabbfc8849d2
GET /notifyme.php?st=a96081b6-db78-48c4-9f82-b93e316fb1f7 HTTP/1.1
Host: adtrack.adleadevent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://simpsonitos.blog
Connection: keep-alive
Referer: https://simpsonitos.blog/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://simpsonitos.blog
Cache-Control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Content-Encoding: gzip
Content-Type: application/x-javascript
Date: Fri, 03 Feb 2023 04:49:16 GMT
Expires: Sat, 26 Jul 1997 05:00:00 GMT
Last-Modified: Fri, 03 Feb 2023 04:49:16 GMT
Pragma: no-cache
Server: Apache
Vary: Accept-Encoding
Content-Length: 20
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash d719402de0cd695e55dab2767247da49
f12f4795987a284820f6785ec16b5032b9861d79
98a14bd950cec10aeb3d76fa956fe13514f52c742adbded7a0fcef218c7195ba
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "98A14BD950CEC10AEB3D76FA956FE13514F52C742ADBDED7A0FCEF218C7195BA"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6046
Expires: Fri, 03 Feb 2023 06:30:02 GMT
Date: Fri, 03 Feb 2023 04:49:16 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash d719402de0cd695e55dab2767247da49
f12f4795987a284820f6785ec16b5032b9861d79
98a14bd950cec10aeb3d76fa956fe13514f52c742adbded7a0fcef218c7195ba
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "98A14BD950CEC10AEB3D76FA956FE13514F52C742ADBDED7A0FCEF218C7195BA"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6046
Expires: Fri, 03 Feb 2023 06:30:02 GMT
Date: Fri, 03 Feb 2023 04:49:16 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash d719402de0cd695e55dab2767247da49
f12f4795987a284820f6785ec16b5032b9861d79
98a14bd950cec10aeb3d76fa956fe13514f52c742adbded7a0fcef218c7195ba
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "98A14BD950CEC10AEB3D76FA956FE13514F52C742ADBDED7A0FCEF218C7195BA"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6046
Expires: Fri, 03 Feb 2023 06:30:02 GMT
Date: Fri, 03 Feb 2023 04:49:16 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash d719402de0cd695e55dab2767247da49
f12f4795987a284820f6785ec16b5032b9861d79
98a14bd950cec10aeb3d76fa956fe13514f52c742adbded7a0fcef218c7195ba
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "98A14BD950CEC10AEB3D76FA956FE13514F52C742ADBDED7A0FCEF218C7195BA"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6046
Expires: Fri, 03 Feb 2023 06:30:02 GMT
Date: Fri, 03 Feb 2023 04:49:16 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8f58ae1f-1f79-4cc4-b12e-b11dde3b7e4d.jpeg
200 OK 6.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8f58ae1f-1f79-4cc4-b12e-b11dde3b7e4d.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4a92e881554205ebbe3721a7bbaeab40
b620fc82bd15b55b581bd8c3a699e1b16563ad2e
ff753b8411bfa0df54938a5f829ce25acbad863a2a3540b3bacca02baf9a2c7d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8f58ae1f-1f79-4cc4-b12e-b11dde3b7e4d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6398
x-amzn-requestid: 843fefd3-8cf4-44ee-bb7c-a010d4149442
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fuv1XFXQoAMFe5Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dc2cee-76739fd87b4c0d203eca4114;Sampled=0
x-amzn-remapped-date: Thu, 02 Feb 2023 21:36:46 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 2cGZEXolULcBUgvrZ55IWnR825LgkHDFmJFJ5i9lcl4KYbDte3-N1g==
via: 1.1 9c60d6224ac0b44e908b5c9dcf70e9a4.cloudfront.net (CloudFront), 1.1 d8792dbd3191bbe722eba5b536b979c8.cloudfront.net (CloudFront), 1.1 google
date: Thu, 02 Feb 2023 21:57:43 GMT
age: 24693
etag: "b620fc82bd15b55b581bd8c3a699e1b16563ad2e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F91a53e95-81db-4f71-84bc-169a72e11b24.jpeg
200 OK 7.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F91a53e95-81db-4f71-84bc-169a72e11b24.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d4242d4999b7b033873b81a482c319c2
bc4c004065ce9f558f210d508844c123a85737a1
ab35a5c1a7c1a0a548aee3b9c301893799680ec1922c13e7a16d44ca457cd91d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F91a53e95-81db-4f71-84bc-169a72e11b24.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7237
x-amzn-requestid: f6aa0d26-8df4-40fe-8984-1aac7c76097e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fVr4jEdeIAMFTYA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d2269c-58a038d6491d8f461e9168d4;Sampled=0
x-amzn-remapped-date: Thu, 26 Jan 2023 07:07:08 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: XNO6ArxsjiZTxcoSn1Fmhso5bpWNIvzT9nplF6UGTiHVxXlJiv7bJA==
via: 1.1 8dbfaf7df256a75768461d934659b6b2.cloudfront.net (CloudFront), 1.1 ce71f64ad5dca81beca846466f2d5008.cloudfront.net (CloudFront), 1.1 google
date: Thu, 02 Feb 2023 21:58:40 GMT
age: 24636
etag: "bc4c004065ce9f558f210d508844c123a85737a1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6b4ea648-021a-44ef-a083-3ea03f73dca3.jpeg
200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6b4ea648-021a-44ef-a083-3ea03f73dca3.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3490571dd2de0a747987b9a0e18cccc8
18e9f8f160d3515f1cb31fc7538ac762a6cab344
1c071d7f3b288b29254500f94f19c0db0633c6aa90812f2e92c4f64992f5221a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6b4ea648-021a-44ef-a083-3ea03f73dca3.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10796
x-amzn-requestid: 5c9b1a83-c99a-44b9-9a90-5edd7ef1e225
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fi0XKG93oAMFtsA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d76760-01bf754d6c725c3275c02a1b;Sampled=0
x-amzn-remapped-date: Mon, 30 Jan 2023 06:44:48 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: XTZJAn0LMAfFtaQ2bN8z58cCsUT5GzxDMnHVB_iw9E_NskHQ-BgbRQ==
via: 1.1 d83ae0e1ba84e92e58bc1efc23a0c652.cloudfront.net (CloudFront), 1.1 e4d3d5aafc7d7d582423c073065ab562.cloudfront.net (CloudFront), 1.1 google
date: Thu, 02 Feb 2023 22:19:26 GMT
age: 84437
etag: "18e9f8f160d3515f1cb31fc7538ac762a6cab344"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3c9d26d7-b28f-485c-91d6-67a0813a0f3c.jpeg
200 OK 3.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3c9d26d7-b28f-485c-91d6-67a0813a0f3c.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 0c1c2a5a291f23be6591c9b19db47b47
2f67cdba4a3d5a8cf6f6eb7951d2a1bda6e01619
327efb8c72421819992900ab0f8f267da7d28122c710b8694979116579d512c6
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3c9d26d7-b28f-485c-91d6-67a0813a0f3c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 3083
x-amzn-requestid: 7a4f094b-a423-401e-a9e7-8d9f130e2e40
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fi1drEtKIAMFuYQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d76924-66751080608a6cd2650b853d;Sampled=0
x-amzn-remapped-date: Mon, 30 Jan 2023 06:52:20 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: UoXATdGOgEK3Unxszcp4ulAK3b1BuHS2MbUzTHe-qxjNZkb2eoxE-A==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 98aedae6661e3904540676966998ed88.cloudfront.net (CloudFront), 1.1 google
date: Thu, 02 Feb 2023 21:44:49 GMT
age: 25467
etag: "2f67cdba4a3d5a8cf6f6eb7951d2a1bda6e01619"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F32d005c4-44bd-4c69-b179-e966a5e62bc4.jpeg
200 OK 7.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F32d005c4-44bd-4c69-b179-e966a5e62bc4.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 08efac01fbe2d2949d81cfa427e8f360
e354cd76c38a72a10eddad9298b43415f8f04ed1
a5edf287aefdfb2f4c33d19b322b2574553fc9f5646f147359a3dcf8c1d75cb1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F32d005c4-44bd-4c69-b179-e966a5e62bc4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7700
x-amzn-requestid: 11dd2ef1-f809-4a95-aeef-361cfa745eea
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fYyFIHUVIAMFgbA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d363ba-7841e2a6249f0e5d7aa91c8d;Sampled=0
x-amzn-remapped-date: Fri, 27 Jan 2023 05:40:10 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: gYmuJEgMngPXgeLlAQfRoP-EtCgH--hkvSt6OPTUlYXxetmf5zAtVg==
via: 1.1 d1151317ba32afe0e6370fd69fed222e.cloudfront.net (CloudFront), 1.1 aef00f14752da9aa504d392fd46eff94.cloudfront.net (CloudFront), 1.1 google
date: Thu, 02 Feb 2023 21:48:01 GMT
age: 25275
etag: "e354cd76c38a72a10eddad9298b43415f8f04ed1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F64144d1c-f524-496f-8b52-ba63714dbfc5.jpeg
200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F64144d1c-f524-496f-8b52-ba63714dbfc5.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e366b32074025aaf60bbae8bdb08d330
a52c2883bad98fa20333aa639a5dd3a5bf544c8e
9d661c26effaec9efee16833f6459d6ecbe4f77b822c9c46e2a6433bda816e5c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F64144d1c-f524-496f-8b52-ba63714dbfc5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11565
x-amzn-requestid: 87a84ffd-1176-4656-aac4-e98f38ec2cd9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fboIrFGboAMFyyQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d48704-162ed8114aa1809204500548;Sampled=0
x-amzn-remapped-date: Sat, 28 Jan 2023 02:23:00 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: w0Zm5V0TQxsQ7917U3fdhS_n7qKE143PuhI2JmNCDM_Pf0yPLyW6yA==
via: 1.1 d83ae0e1ba84e92e58bc1efc23a0c652.cloudfront.net (CloudFront), 1.1 32c16f33c8f5601364fa8229b0d74dc2.cloudfront.net (CloudFront), 1.1 google
date: Thu, 02 Feb 2023 21:48:01 GMT
age: 25275
etag: "a52c2883bad98fa20333aa639a5dd3a5bf544c8e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
waaw.to/js/websocket_ip.min.js
200 OK 1.4 kB URL HTTP/2 waaw.to/js/websocket_ip.min.js
IP
ASN #262254 DDOS-GUARD CORP.
File type ASCII text, with very long lines (4292)
Hash d3034e0899adf38d0e7055c09a279a22
8e745e10fef8b676a89a9a0e3c3cb3972037ef5b
b83bfab92e5f55c669af809c2f91e1042cd21f5f41b3354eed650bc5e8604d4d
GET /js/websocket_ip.min.js HTTP/1.1
Host: waaw.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://waaw.to/e/p6acn9UO0G9I?http_referer=https%3A%2F%2Fsimpsonitos.blog%2F
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
set-cookie: __ddg1_=fpKaDaxSmrGOja4R7sql; Domain=.waaw.to; HttpOnly; Path=/; Expires=Sat, 03-Feb-2024 04:49:16 GMT
date: Fri, 20 Jan 2023 13:48:39 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Fri, 20 Jan 2023 13:44:36 GMT
etag: W/"63ca9ac4-121c"
access-control-allow-origin: *
access-control-allow-credentials: true
accessing-static: 1
cache-control: public, max-age=31536000, stale-while-revalidate=30, stale-if-error=30
pragma: cache
content-encoding: br
x-cache-status-inferno-s: HIT
x-inferno-location: static
age: 1177237
content-length: 1399
ddg-cache-status: HIT,HIT
X-Firefox-Spdy: h2
waaw.to/styles/global/embed_player.3.css?130
200 OK 1.6 kB URL HTTP/2 waaw.to/styles/global/embed_player.3.css?130
IP
ASN #262254 DDOS-GUARD CORP.
Hash 8e6c46db0d3b9b09cb250529f4e92245
78ccfc915538c39e35acb536eca217f2f12e7a0e
7a8726525e4b7e4a725b96f82dafba6d1da8b54d71c5d02144aca8b7d306bf65
GET /styles/global/embed_player.3.css?130 HTTP/1.1
Host: waaw.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://waaw.to/e/p6acn9UO0G9I?http_referer=https%3A%2F%2Fsimpsonitos.blog%2F
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
set-cookie: __ddg1_=r6FkxnarBFbgsavUSUoT; Domain=.waaw.to; HttpOnly; Path=/; Expires=Sat, 03-Feb-2024 04:49:16 GMT
date: Mon, 17 Oct 2022 10:46:28 GMT
content-type: text/css; charset=UTF-8
vary: Accept-Encoding
last-modified: Wed, 09 Dec 2020 22:16:37 GMT
etag: W/"5fd14cc5-1701"
access-control-allow-origin: *
accessing-static: 1
cache-control: public, max-age=31536000, stale-while-revalidate=30, stale-if-error=30
pragma: cache
content-encoding: br
x-cache-status-inferno-s: HIT
x-inferno-location: static
age: 9396168
ddg-cache-status: HIT,MISS
content-length: 1623
X-Firefox-Spdy: h2
waaw.to/js/video.jquery_plugs/modernizr.js?12
200 OK 652 B URL HTTP/2 waaw.to/js/video.jquery_plugs/modernizr.js?12
IP
ASN #262254 DDOS-GUARD CORP.
File type ASCII text, with very long lines (1227), with no line terminators
Hash aecce2cd69440bcd1b71a8f0ce204922
7bf5702d34c33349bead0bb2cb7ad2200d699196
b9159c2d62fb50c02489b011962ed2549515067437b550834432787ff25a5dfb
GET /js/video.jquery_plugs/modernizr.js?12 HTTP/1.1
Host: waaw.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://waaw.to/e/p6acn9UO0G9I?http_referer=https%3A%2F%2Fsimpsonitos.blog%2F
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
set-cookie: __ddg1_=GgMbweDFwniSZ1jZh1m5; Domain=.waaw.to; HttpOnly; Path=/; Expires=Sat, 03-Feb-2024 04:49:16 GMT
date: Mon, 17 Oct 2022 10:46:28 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Sun, 03 Jun 2018 17:19:35 GMT
etag: W/"5b142327-4cb"
access-control-allow-origin: *
accessing-static: 1
cache-control: public, max-age=31536000, stale-while-revalidate=30, stale-if-error=30
pragma: cache
content-encoding: br
x-cache-status-inferno-s: HIT
x-inferno-location: static
age: 9396168
ddg-cache-status: HIT,MISS
content-length: 652
X-Firefox-Spdy: h2
waaw.to/js/d_check.js?34
200 OK 1.0 kB IP
ASN #262254 DDOS-GUARD CORP.
File type ASCII text, with very long lines (821)
Hash 841e4af4332ce934406a4e59a063aa98
fd8429c4c48157e134268b448d713b642f461af6
fde29879f9e4795b74c36aa1a23b32f35f5f67131fc914be72e42f1fff8740d3
GET /js/d_check.js?34 HTTP/1.1
Host: waaw.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://waaw.to/e/p6acn9UO0G9I?http_referer=https%3A%2F%2Fsimpsonitos.blog%2F
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
set-cookie: __ddg1_=Yx9BA7G5e88eHcdWFPzs; Domain=.waaw.to; HttpOnly; Path=/; Expires=Sat, 03-Feb-2024 04:49:16 GMT
date: Mon, 17 Oct 2022 10:55:14 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Thu, 27 Feb 2020 14:57:53 GMT
etag: W/"5e57d8f1-d8a"
access-control-allow-origin: *
accessing-static: 1
cache-control: public, max-age=31536000, stale-while-revalidate=30, stale-if-error=30
pragma: cache
content-encoding: br
x-cache-status-inferno-s: HIT
x-inferno-location: static
age: 9395642
ddg-cache-status: HIT,MISS
content-length: 1028
X-Firefox-Spdy: h2
waaw.to/js/embed.205.js?736
200 OK 40 kB URL HTTP/2 waaw.to/js/embed.205.js?736
IP
ASN #262254 DDOS-GUARD CORP.
File type Unicode text, UTF-8 text, with very long lines (3414)
Hash a5b2f5bea0283771168801d2ebfeb91f
a0aef692a880b36965c49a2c71ff7b9c9a9fe586
1f5532db6292eefe3632e228f22d933c8d2f740d00f21982d7e4348ad0d17698
GET /js/embed.205.js?736 HTTP/1.1
Host: waaw.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://waaw.to/e/p6acn9UO0G9I?http_referer=https%3A%2F%2Fsimpsonitos.blog%2F
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
set-cookie: __ddg1_=hHWUPUWx0epgpHiOh7UC; Domain=.waaw.to; HttpOnly; Path=/; Expires=Sat, 03-Feb-2024 04:49:16 GMT
date: Mon, 17 Oct 2022 10:46:28 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Thu, 04 Aug 2022 18:07:34 GMT
etag: W/"62ec0ae6-298ce"
access-control-allow-origin: *
access-control-allow-credentials: true
accessing-static: 1
cache-control: public, max-age=31536000, stale-while-revalidate=30, stale-if-error=30
pragma: cache
content-encoding: br
x-cache-status-inferno-s: HIT
x-inferno-location: static
age: 9396168
ddg-cache-status: HIT,MISS
content-length: 39596
X-Firefox-Spdy: h2
waaw.to/js/adv/fuckadblock.js?2
200 OK 3.5 kB URL HTTP/2 waaw.to/js/adv/fuckadblock.js?2
IP
ASN #262254 DDOS-GUARD CORP.
File type ASCII text, with CRLF line terminators
Hash ec1ee09f3fac94172cb7563a95812487
77b7090fc3bb4431371fa6ed84e2623dd0015c30
94db3115fa9ba527b159c6c3d3b928c585774be570300801d274eac81806eda0
GET /js/adv/fuckadblock.js?2 HTTP/1.1
Host: waaw.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://waaw.to/e/p6acn9UO0G9I?http_referer=https%3A%2F%2Fsimpsonitos.blog%2F
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
set-cookie: __ddg1_=4AArvFiDOPUM9o3kStu1; Domain=.waaw.to; HttpOnly; Path=/; Expires=Sat, 03-Feb-2024 04:49:16 GMT
date: Mon, 17 Oct 2022 10:46:28 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Tue, 27 Aug 2019 17:39:04 GMT
etag: W/"5d656ab8-369e"
access-control-allow-origin: *
accessing-static: 1
cache-control: public, max-age=31536000, stale-while-revalidate=30, stale-if-error=30
pragma: cache
content-encoding: br
x-cache-status-inferno-s: HIT
x-inferno-location: static
age: 9396168
ddg-cache-status: HIT,MISS
content-length: 3525
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 278 B IP
Hash 8c1a6bed9aee7e24c3f79f272c26c553
352517159ecf99f7a1ff6a36e6bfb7e4c42ca60e
96e44f4f0028023e53d86c2b642a21de37e71c58f6ee92fb50381a73c5f7a5ca
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6477
Cache-Control: max-age=87092
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 04:49:16 GMT
Etag: "63db2a33-116"
Expires: Sat, 04 Feb 2023 05:00:48 GMT
Last-Modified: Thu, 02 Feb 2023 03:12:51 GMT
Server: ECS (ska/F718)
X-Cache: HIT
Content-Length: 278
unpkg.com/jquery@2.2.4/dist/jquery.min.js
200 OK 31 kB URL HTTP/2 unpkg.com/jquery@2.2.4/dist/jquery.min.js
IP
File type ASCII text, with very long lines (32065)
Hash 6d183b87b7bfc4556851ece01e8cbf70
d0a108e144e634fc9dba5e74bc5d66c01ccba1b8
6396efab0f812c23fa2def01d4c8d0ee43d7a473f460725b3bc56669d3fce45e
GET /jquery@2.2.4/dist/jquery.min.js HTTP/1.1
Host: unpkg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://waaw.to/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 03 Feb 2023 04:49:16 GMT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
last-modified: Fri, 20 May 2016 17:24:42 GMT
etag: W/"14e4a-abtp4lyn1e8JNTF1hOYVPz/ZqIw"
via: 1.1 fly.io
fly-request-id: 01G754SVY4BFC19MXYRYRMED91-fra
cf-cache-status: HIT
age: 18443257
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 793889fd8e53b515-OSL
content-encoding: br
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 278 B IP
Hash 8c1a6bed9aee7e24c3f79f272c26c553
352517159ecf99f7a1ff6a36e6bfb7e4c42ca60e
96e44f4f0028023e53d86c2b642a21de37e71c58f6ee92fb50381a73c5f7a5ca
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6549
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 04:49:16 GMT
Last-Modified: Fri, 03 Feb 2023 03:00:07 GMT
Server: ECS (ska/F706)
X-Cache: HIT
Content-Length: 278
e1.o.lencr.org/
200 OK 345 B IP
ASN #20940 Akamai International B.V.
Hash 7b308229a37e2f2a58616a36740e8ed1
3fe60bcbf0ed050b81a125e858b649abe4a619c4
f20e49ece68b646ed354968ae7b29c4d729b4ba6482c7fe4bfb0d16433c3ee39
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "F20E49ECE68B646ED354968AE7B29C4D729B4BA6482C7FE4BFB0D16433C3EE39"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6664
Expires: Fri, 03 Feb 2023 06:40:20 GMT
Date: Fri, 03 Feb 2023 04:49:16 GMT
Connection: keep-alive
waaw.to/js/script-2.12.5.js
200 OK 4.3 kB URL HTTP/2 waaw.to/js/script-2.12.5.js
IP
ASN #262254 DDOS-GUARD CORP.
File type ASCII text, with very long lines (1242)
Hash 63c6cc05ba344ef5f0e94cf7ad729625
0dde0cb61346e7bf5fb67f0f322be3e00a23da1e
fc751c1b5978b5381f24a0a6e3d55c21294d3ad2fa864064125bdd19885dd760
GET /js/script-2.12.5.js HTTP/1.1
Host: waaw.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://waaw.to/e/p6acn9UO0G9I?http_referer=https%3A%2F%2Fsimpsonitos.blog%2F
Cookie: uid=MTzxNySNynyqpECbm7Yu3S5zZBKcdPsg
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
set-cookie: __ddg1_=ookzvxwtQ5YQPz6K91ES; Domain=.waaw.to; HttpOnly; Path=/; Expires=Sat, 03-Feb-2024 04:49:16 GMT
date: Mon, 17 Oct 2022 10:55:14 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Tue, 01 Dec 2020 19:28:37 GMT
etag: W/"5fc69965-4cb8"
access-control-allow-origin: *
accessing-static: 1
cache-control: public, max-age=31536000, stale-while-revalidate=30, stale-if-error=30
pragma: cache
content-encoding: br
x-cache-status-inferno-s: HIT
x-inferno-location: static
age: 9395642
ddg-cache-status: HIT,MISS
content-length: 4344
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 4b0b819aab086743b3687842070bf1b0
f18cbb832ce93cc9928803aa694277c471132f0f
f7c712bd92bd32b17f6efc80e6fda58e8acfe3d08efffbb7fc2191c0b28f3d55
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F7C712BD92BD32B17F6EFC80E6FDA58E8ACFE3D08EFFFBB7FC2191C0B28F3D55"
Last-Modified: Fri, 03 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7636
Expires: Fri, 03 Feb 2023 06:56:32 GMT
Date: Fri, 03 Feb 2023 04:49:16 GMT
Connection: keep-alive
ads.themoneytizer.com/lib_watermark.js
200 OK 12 kB URL HTTP/2 ads.themoneytizer.com/lib_watermark.js
IP
ASN #60068 Datacamp Limited
File type Unicode text, UTF-8 text, with very long lines (29272), with CRLF line terminators
Hash de376e5e48e47fac339a056dcbcbb2e5
e5b43b86a9a2422b653c15917a1ef2f427ba69da
d86ff0ce4f33de3088cd7f22335ba5f813cfc9dcd9a0420accc6e292978ce233
GET /lib_watermark.js HTTP/1.1
Host: ads.themoneytizer.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://simpsonitos.blog/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 03 Feb 2023 04:49:16 GMT
content-type: application/javascript
last-modified: Fri, 20 Jan 2023 16:37:11 GMT
expires: Fri, 03 Feb 2023 05:03:48 GMT
cache-control: max-age=86400, public, no-transform
pragma: public
x-accel-expires: @1675400628
server: CDN77-Turbo
x-77-nzt: AblMCRQmgy//GE4BAA
x-77-nzt-ray: af585630e5a8bf3a4c92dc632607c405
x-cache: HIT
x-age: 85528
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 1cec933ade724d64c1ae3c32dee49d2c
b7988e196b6829e9a519fdfbf4fd4095daf5ecca
348207adaff485855fcd28ec908b1737efb29a2329147a6f2ab8f967928b11ba
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "348207ADAFF485855FCD28EC908B1737EFB29A2329147A6F2AB8F967928B11BA"
Last-Modified: Fri, 03 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8504
Expires: Fri, 03 Feb 2023 07:11:00 GMT
Date: Fri, 03 Feb 2023 04:49:16 GMT
Connection: keep-alive
ocsp.digicert.com/
200 OK 314 B IP
Hash 1fa4a1bbc4eef369c1062f928bce8021
93c8b2e83d7238394892d83005f899ec7b1ab3db
549ad164c2c23cbee22a33358e6d837f9546466b11f996adf713b543b11becfc
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4366
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 04:49:17 GMT
Last-Modified: Fri, 03 Feb 2023 03:36:31 GMT
Server: ECS (ska/F718)
X-Cache: HIT
Content-Length: 314
ocsp.digicert.com/
200 OK 314 B IP
Hash 1fa4a1bbc4eef369c1062f928bce8021
93c8b2e83d7238394892d83005f899ec7b1ab3db
549ad164c2c23cbee22a33358e6d837f9546466b11f996adf713b543b11becfc
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4157
Cache-Control: max-age=89119
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 04:49:17 GMT
Etag: "63db3b2f-13a"
Expires: Sat, 04 Feb 2023 05:34:36 GMT
Last-Modified: Thu, 02 Feb 2023 04:25:19 GMT
Server: ECS (ska/F706)
X-Cache: HIT
Content-Length: 314
ocsp.sca1b.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP
Hash 3f11c62617c2bee07a8ed3cf82151243
ba58aa99e6fda4e73216a5b6a382dfd4f1f5b33a
a0b39826bd54ed8244e2c90f71d51146feaba0b9100446256479344837c50228
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=119904
Date: Fri, 03 Feb 2023 04:49:17 GMT
Etag: "63dbbb1a-1d7"
Expires: Sat, 04 Feb 2023 14:07:41 GMT
Last-Modified: Thu, 02 Feb 2023 13:31:06 GMT
Server: ECS (nyb/1D29)
X-Cache: Miss from cloudfront
Via: 1.1 9d4a908d41124cba1276d6cef8f00c60.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: G0IZaXcJtZMprMF1ortSW1S9VkAaceCOeZVFkV2vBngHHWP14UCLaw==
Age: 2195
testingmetriksbre.ru/netu.php
200 OK 11 kB URL HTTP/2 testingmetriksbre.ru/netu.php
IP
File type ASCII text, with very long lines (855), with CRLF line terminators
Hash 36121fd013962f49294a43bfa0031c32
c76ca3e047636fb91ce454711e7cd228f83131b0
112397d13053fdc311db5f69947f8b1538a4e3eb45248f6865beecd9fb9f386b
GET /netu.php HTTP/1.1
Host: testingmetriksbre.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://waaw.to/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 03 Feb 2023 04:49:16 GMT
content-type: application/javascript
x-powered-by: PHP/7.1.33
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=T0%2BkskdMkiQNGCzkR%2BVLS4wweSpM3m%2BHuwtfMiKGyO%2BK6dua6D9QAAE3%2BXI6q3iy8V1C4IKAHO4T9o7MYZ36KANAFdzAT25wvYI0dSVojLCjXcDm5Z6x0zMHXcK7KChZs20bZZuZdA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 793889fdd8db0b45-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
simplewebanalysis.com/stats
200 OK 40 B URL HTTP/2 simplewebanalysis.com/stats
IP
File type ASCII text, with no line terminators
Hash 44dd30beea47847a18333bea268fe653
d8a72bc5af7bf27402df696adb9c79dc9e2f54d3
2cf74ac8588a994668377038dbfa5194ba490e82c799b2f08a77090885a907d9
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://simpsonitos.blog
Connection: keep-alive
Referer: https://simpsonitos.blog/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 03 Feb 2023 04:49:17 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://simpsonitos.blog
access-control-allow-credentials: true
set-cookie: uid_id2=b0881b56-6d26-4dfe-a4e4-d90aff4e2b01:1:1; expires=Mon, 31 Jan 2033 04:49:17 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
simplewebanalysis.com/stats
200 OK 40 B URL HTTP/2 simplewebanalysis.com/stats
IP
File type ASCII text, with no line terminators
Hash a9bd6c04a7eecd40f5acf39a8450138b
41f3d817e8d15914ab96d16bca1d253e46cab5cc
60f0570ec76cddac92199af1d9a1fcc7da53430159d4418f4a5ba68a486ffebe
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://waaw.to
Connection: keep-alive
Referer: https://waaw.to/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 03 Feb 2023 04:49:17 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://waaw.to
access-control-allow-credentials: true
set-cookie: uid_id2=e2bafed0-354d-4804-9276-336b22ce4cb1:1:1; expires=Mon, 31 Jan 2033 04:49:17 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
csm.fr.eu.criteo.net/iev?entry=c~Idfs.Rtus.147.Events.SyncframeDropped~1&entry=c~Idfs.Rtus.147.Origin.FromSyncframeBundle~1
200 OK 43 B URL HTTP/2 csm.fr.eu.criteo.net/iev?entry=c~Idfs.Rtus.147.Events.SyncframeDropped~1&entry=c~Idfs.Rtus.147.Origin.FromSyncframeBundle~1
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash b4491705564909da7f9eaf749dbbfbb1
279315d507855c6a4351e1e2c2f39dd9cd2fccd8
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
GET /iev?entry=c~Idfs.Rtus.147.Events.SyncframeDropped~1&entry=c~Idfs.Rtus.147.Origin.FromSyncframeBundle~1 HTTP/1.1
Host: csm.fr.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://simpsonitos.blog/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 03 Feb 2023 04:49:16 GMT
pragma: no-cache
server: Finatra
expires: 0
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
content-length: 43
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
e1.o.lencr.org/
200 OK 345 B IP
ASN #20940 Akamai International B.V.
Hash b5a404b308fa06356367c560e850e1bc
62a5d88a31451b0387e6444c079b6175fa8065a0
f0896232da72586ab3db7427040e653b271df7da7f4c192f44d1b38392702598
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "F0896232DA72586AB3DB7427040E653B271DF7DA7F4C192F44D1B38392702598"
Last-Modified: Fri, 03 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5318
Expires: Fri, 03 Feb 2023 06:17:55 GMT
Date: Fri, 03 Feb 2023 04:49:17 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 5edf06da7a0227d78287f1137f5790ec
2bc02cdaf7b531e47de186d5a548e3919aa71f6c
5d8d6286284a29aeb2396a779c60cdd70e7a45818170eca4e8531df436843473
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5D8D6286284A29AEB2396A779C60CDD70E7A45818170ECA4E8531DF436843473"
Last-Modified: Thu, 02 Feb 2023 02:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2327
Expires: Fri, 03 Feb 2023 05:28:04 GMT
Date: Fri, 03 Feb 2023 04:49:17 GMT
Connection: keep-alive
friendshipmale.com/sfp.js
200 OK 28 kB URL HTTP/2 friendshipmale.com/sfp.js
IP
File type Unicode text, UTF-8 text, with very long lines (65529), with no line terminators
Hash e527e315958172cd4e814ae8aff6c3e6
ba2a4b8a15053782ccffb630ea80330ff177633b
0f4377833c09000b174ef14e0587ada21cd14b3af549e3d815eed116fefed61c
Analyzer Verdict Alert fortinet Malware
GET /sfp.js HTTP/1.1
Host: friendshipmale.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://waaw.to/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 03 Feb 2023 04:49:17 GMT
content-type: application/javascript; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: max-age=14400
x-request-id: ca7dce88254f565952bc2b8c38c7e5f7
strict-transport-security: max-age=0; includeSubdomains
cf-cache-status: EXPIRED
last-modified: Fri, 03 Feb 2023 04:49:17 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=U3C77LFohdBXh34nKltuViHGTHSWfeTFOvAmQ6AEjRJC5exWFh8N9n7qS9aImext%2BrJ92GG8E1zNwUy9zuDIkZUWCNtG69di9lVA5kz%2Fls5IJOUuPsgI1Zq1cDyka5eNB7UlpA4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 79388a031ce888b0-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
e1.o.lencr.org/
200 OK 345 B IP
ASN #20940 Akamai International B.V.
Hash b5a404b308fa06356367c560e850e1bc
62a5d88a31451b0387e6444c079b6175fa8065a0
f0896232da72586ab3db7427040e653b271df7da7f4c192f44d1b38392702598
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "F0896232DA72586AB3DB7427040E653B271DF7DA7F4C192F44D1B38392702598"
Last-Modified: Fri, 03 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5318
Expires: Fri, 03 Feb 2023 06:17:55 GMT
Date: Fri, 03 Feb 2023 04:49:17 GMT
Connection: keep-alive
outdilateinterrupt.com/watch.1480279568158.js?key=6f5d34fa1e8619032e40cda5b8d344f9&kw=%5B%22los%22%2C%22simpson%22%2C%222x2%22%2C%22archives%22%2C%22-%22%2C%22simpsonitos%22%5D&refer=&tz=0&dev=e&res=12.1055&psid=101661&uuid=b0881b56-6d26-4dfe-a4e4-d90aff4e2b01%3A1%3A1
307 Temporary Redirect 0 B URL HTTP/1.1 outdilateinterrupt.com/watch.1480279568158.js?key=6f5d34fa1e8619032e40cda5b8d344f9&kw=%5B%22los%22%2C%22simpson%22%2C%222x2%22%2C%22archives%22%2C%22-%22%2C%22simpsonitos%22%5D&refer=&tz=0&dev=e&res=12.1055&psid=101661&uuid=b0881b56-6d26-4dfe-a4e4-d90aff4e2b01%3A1%3A1
IP
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.1480279568158.js?key=6f5d34fa1e8619032e40cda5b8d344f9&kw=%5B%22los%22%2C%22simpson%22%2C%222x2%22%2C%22archives%22%2C%22-%22%2C%22simpsonitos%22%5D&refer=&tz=0&dev=e&res=12.1055&psid=101661&uuid=b0881b56-6d26-4dfe-a4e4-d90aff4e2b01%3A1%3A1 HTTP/1.1
Host: outdilateinterrupt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://simpsonitos.blog
Connection: keep-alive
Referer: https://simpsonitos.blog/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Temporary Redirect
Server: nginx/1.19.5
Date: Fri, 03 Feb 2023 04:49:17 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://simpsonitos.blog
Access-Control-Allow-Origin: https://simpsonitos.blog
Access-Control-Allow-Credentials: true
Location: https://outdilateinterrupt.com/watch.1480279568158.js?key=6f5d34fa1e8619032e40cda5b8d344f9&kw=%5B%22los%22%2C%22simpson%22%2C%222x2%22%2C%22archives%22%2C%22-%22%2C%22simpsonitos%22%5D&refer=&tz=0&dev=e&res=12.1055&psid=101661&uuid=b0881b56-6d26-4dfe-a4e4-d90aff4e2b01%3A1%3A1&shu=0c845f469b4343fc05fe0f8e7c0b59850f34bfe7604e4aad7d1ff419043c626dfb5f05b6f516d0a8a939d597f3d95f84079f954f1372b3be83bca5ec4fcef6c4a9c6d39752281aa053614102481ff4fd4b3615&pst=1675399817&rmtc=t
Set-Cookie: u_pl=17585302; expires=Sat, 04 Feb 2023 04:49:17 GMT; secure; SameSite=None
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNzU4NTMwMiwiayI6IjZmNWQzNGZhMWU4NjE5MDMyZTQwY2RhNWI4ZDM0NGY5Iiwic2lkIjoiMTAxNjYxIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxOTU2MDI0LCJwaWQiOjQ2ODU5NywiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoyOCwiYWlkIjoyMywicHQiOjQsInBrIjoieGVidnV0dmN3IiwiY3BrcyI6eyAiMjkiOiI4OTFmZjBmYWZiYjMyNzk4ZWMzYTgwMWYwYmM5M2MxMCJ9LCJ0IjoxfSwidSI6eyJ1IjoxLCJhdSI6MSwiZCI6eyJpZCI6OTA3NTM0NTcsImlkcyI6IiIsImljIjpmYWxzZSwibiI6IkRlc2t0b3AsRW11bGF0b3IiLCJ2IjoiVW5rbm93biIsIm0iOiJVbmtub3duIiwiZiI6MSwiZm4iOiJEZXNrdG9wIiwib2lkIjozODkxNCwib24iOiJXaW5kb3dzIiwib3YiOiIxMC4wIiwiYmlkIjoxMjA2MjUsImJuIjoiRmlyZWZveCIsImJ2IjoiMTA1LjAiLCJ3diI6ZmFsc2UsImUiOnRydWUsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjp0cnVlLCJyIjoiaHR0cHM6Ly9zaW1wc29uaXRvcy5ibG9nLyJ9fQ.WHdlD49usi1-k7sBjMRLg90Ci35X2FE0v5aDzREjFM0; expires=Fri, 03 Feb 2023 04:50:17 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 927a06d5a49370a6939d69f65c824b62
Strict-Transport-Security: max-age=0; includeSubdomains
naveljutmistress.com/f9/f0/4e/f9f04e429487bb9ba54c1aa49ea7bed4.js
200 OK 29 kB URL HTTP/1.1 naveljutmistress.com/f9/f0/4e/f9f04e429487bb9ba54c1aa49ea7bed4.js
IP
ASN #39572 DataWeb Global Group B.V.
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (65536), with no line terminators
Hash 83f92e5ab9f59fd351c345f94874bdcc
e8fe9584911e7389b008257a17523dc1bb600b2b
06b470daf2612c727c94a0c6f6f6a77a671f219800a74a70f1dfb7d1b092fb51
Analyzer Verdict Alert quad9 Sinkholed
GET /f9/f0/4e/f9f04e429487bb9ba54c1aa49ea7bed4.js HTTP/1.1
Host: naveljutmistress.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://waaw.to/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Fri, 03 Feb 2023 04:49:17 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: ca6d0c811309602a0729666d7dce8966
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
gum.criteo.com/sid/json?origin=rtus&domain=simpsonitos.blog&sn=FirefoxSyncframe&so=3&topUrl=simpsonitos.blog&bundle=mdmmIF9jNFV0azNxZWQ0aEN3ZkR5M0NYNHZRMjJiR1cwd2M0aW9JM0c4OFlYcVQyUWJJRk04ZUp5OUV5UnEwWnVhbm9lM0tLZDhYMVVRNXdpV1R5MDBSM1E4WUglMkJGVUVPcmtCMEptJTJGVGMwN2VmWHdpdjMxbzhzeVlRc2lnaG1ZTkolMkI5dw&info=W71c-F80M0RITmhlJTJCZkMwOUJGQlhaMUN2czdKd1h4aUQzampQVmhwOEVYMzJPa0NIdUxHJTJGWk1kSWVaN0ppclRRN011eA&idsd=-1775195624,-80656105&cw=1&rtusCallerId=147&lsw=1
200 OK 952 B URL HTTP/2 gum.criteo.com/sid/json?origin=rtus&domain=simpsonitos.blog&sn=FirefoxSyncframe&so=3&topUrl=simpsonitos.blog&bundle=mdmmIF9jNFV0azNxZWQ0aEN3ZkR5M0NYNHZRMjJiR1cwd2M0aW9JM0c4OFlYcVQyUWJJRk04ZUp5OUV5UnEwWnVhbm9lM0tLZDhYMVVRNXdpV1R5MDBSM1E4WUglMkJGVUVPcmtCMEptJTJGVGMwN2VmWHdpdjMxbzhzeVlRc2lnaG1ZTkolMkI5dw&info=W71c-F80M0RITmhlJTJCZkMwOUJGQlhaMUN2czdKd1h4aUQzampQVmhwOEVYMzJPa0NIdUxHJTJGWk1kSWVaN0ppclRRN011eA&idsd=-1775195624,-80656105&cw=1&rtusCallerId=147&lsw=1
IP
File type JSON data\012- HTML document text\012- HTML document, ASCII text, with very long lines (581)
Hash 967944da51828fec97ae7730271458a3
4e778e52a7722d57cfab604707b2cdfaf0a0d3db
0afd04682522942442232d24a089253470609492a57f4e72ed8b9516f95581fe
GET /sid/json?origin=rtus&domain=simpsonitos.blog&sn=FirefoxSyncframe&so=3&topUrl=simpsonitos.blog&bundle=mdmmIF9jNFV0azNxZWQ0aEN3ZkR5M0NYNHZRMjJiR1cwd2M0aW9JM0c4OFlYcVQyUWJJRk04ZUp5OUV5UnEwWnVhbm9lM0tLZDhYMVVRNXdpV1R5MDBSM1E4WUglMkJGVUVPcmtCMEptJTJGVGMwN2VmWHdpdjMxbzhzeVlRc2lnaG1ZTkolMkI5dw&info=W71c-F80M0RITmhlJTJCZkMwOUJGQlhaMUN2czdKd1h4aUQzampQVmhwOEVYMzJPa0NIdUxHJTJGWk1kSWVaN0ppclRRN011eA&idsd=-1775195624,-80656105&cw=1&rtusCallerId=147&lsw=1 HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/syncframe?origin=rtus&topUrl=simpsonitos.blog
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 03 Feb 2023 04:49:17 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
server-processing-duration-in-ticks: 779624
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 504 B IP
ASN #20940 Akamai International B.V.
Hash 65137af66f231dc01d071d52d5402080
0c5724af5e61b39d7823f0bf6449292a35243c2e
5d35bc4fd03b1d8edc53649928aff9973484375eba8f2b33a17c1816bce73519
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4034B89955D03C028C1CCD0D9DDA7B7528F34AD892996DC7BC420FB64366DA02"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5908
Expires: Fri, 03 Feb 2023 06:27:46 GMT
Date: Fri, 03 Feb 2023 04:49:18 GMT
Connection: keep-alive
naveljutmistress.com/pixel/sbe?t=1&error=timeout
200 OK 0 B URL HTTP/1.1 naveljutmistress.com/pixel/sbe?t=1&error=timeout
IP
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /pixel/sbe?t=1&error=timeout HTTP/1.1
Host: naveljutmistress.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://waaw.to/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Fri, 03 Feb 2023 04:49:17 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
gum.criteo.com/syncframe?origin=rtus&topUrl=simpsonitos.blog
200 OK 5.6 kB URL HTTP/2 gum.criteo.com/syncframe?origin=rtus&topUrl=simpsonitos.blog
IP
Hash fcd717c7736b0646dc7e7e6685c8e5d8
5904b764d7c175dac3c691d0b3078a530da36f7a
274194c59a36f5726a34abfca54eca4d5dbbeac9be205636e0ed6f3f8e858f3a
GET /syncframe?origin=rtus&topUrl=simpsonitos.blog HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://simpsonitos.blog/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 03 Feb 2023 04:49:16 GMT
content-type: text/html; charset=utf-8
server: Kestrel
cache-control: private, max-age=3600
set-cookie: optout=0; expires=Thu, 01 Jan 1970 00:00:00 GMT; domain=.criteo.com; path=/
uid=1ab54037-98fa-4724-bc0f-fee8a051fd86; expires=Wed, 28 Feb 2024 04:49:16 GMT; domain=.criteo.com; path=/; secure; samesite=none
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
server-processing-duration-in-ticks: 722010
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
jennyvisits.com/dyfc1k09?key=863705bcbb4b6a554ddb359665395a6f&psid=17585302
200 OK 1.3 kB URL HTTP/1.1 jennyvisits.com/dyfc1k09?key=863705bcbb4b6a554ddb359665395a6f&psid=17585302
IP
File type HTML document text\012- HTML document text\012- HTML document, ASCII text
Hash c0f9bcf29a5df37699cb7d64a3907147
c4284d112bc1dbc3595037d733364ea1899216d2
c7dd48e9399b4e3222c5695d0c86d71afd60ff4bd5233325bf85f9423a89b45a
Analyzer Verdict Alert quad9 Sinkholed
GET /dyfc1k09?key=863705bcbb4b6a554ddb359665395a6f&psid=17585302 HTTP/1.1
Host: jennyvisits.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://simpsonitos.blog/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Fri, 03 Feb 2023 04:49:18 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Set-Cookie: u_pl=16122660; expires=Sat, 04 Feb 2023 04:49:18 GMT
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNjEyMjY2MCwiayI6Ijg2MzcwNWJjYmI0YjZhNTU0ZGRiMzU5NjY1Mzk1YTZmIiwic2lkIjoiMTc1ODUzMDIiLCJpc2lkIjoyLCJhc2lkIjoxLCJ6aWQiOjE0NjQxNSwicGlkIjo5NzI5OSwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjozLCJhaWQiOjI4LCJwdCI6NCwicGsiOiJkeWZjMWswOSIsInQiOjF9LCJ1Ijp7InUiOjEsImF1IjoxLCJkIjp7ImlkIjo5MDc1MzQ1NywiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjM4OTE0LCJvbiI6IldpbmRvd3MiLCJvdiI6IjEwLjAiLCJiaWQiOjEyMDYyNSwiYm4iOiJGaXJlZm94IiwiYnYiOiIxMDUuMCIsInd2IjpmYWxzZSwiZSI6ZmFsc2UsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjp0cnVlLCJyIjoiaHR0cHM6Ly9zaW1wc29uaXRvcy5ibG9nLyJ9fQ.hBe78rg8WwSRaPYWeLV0ebPGfYiFS2G8oFIQYBaUaqg; expires=Fri, 03 Feb 2023 04:50:18 GMT
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: cd1524d37c003ffbd000985d871ff1b6
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
csm.fr.eu.criteo.net/iev?entry=c~Gum.FirefoxSyncframe.FragmentData.rtus.Bundle.Origin.3~1&entry=c~Gum.FirefoxSyncframe.SidReadSuccess~1&entry=h~Gum.FirefoxSyncframe.SidReadSuccessDuration~42
200 OK 43 B URL HTTP/2 csm.fr.eu.criteo.net/iev?entry=c~Gum.FirefoxSyncframe.FragmentData.rtus.Bundle.Origin.3~1&entry=c~Gum.FirefoxSyncframe.SidReadSuccess~1&entry=h~Gum.FirefoxSyncframe.SidReadSuccessDuration~42
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash b4491705564909da7f9eaf749dbbfbb1
279315d507855c6a4351e1e2c2f39dd9cd2fccd8
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
POST /iev?entry=c~Gum.FirefoxSyncframe.FragmentData.rtus.Bundle.Origin.3~1&entry=c~Gum.FirefoxSyncframe.SidReadSuccess~1&entry=h~Gum.FirefoxSyncframe.SidReadSuccessDuration~42 HTTP/1.1
Host: csm.fr.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://gum.criteo.com
Connection: keep-alive
Referer: https://gum.criteo.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers
HTTP/2 200 OK
date: Fri, 03 Feb 2023 04:49:18 GMT
pragma: no-cache
server: Finatra
expires: 0
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
content-length: 43
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
jennyvisits.com/dyfc1k09?shu=4bba2630cf7cc567b55cff4be584a7917225ff7749145b9b0b1cdb34093e486abdbbe42899a2aa0917c35c155e8aa29978f4f525066637b365974b6a4e0246a78675299d828d153ebbb1c6c6fe7be7b1fa527711e6753c498da6f07d3274a447db&pst=1675399818&rmtc=t&uuid=&pii=&in=false&key=863705bcbb4b6a554ddb359665395a6f&refer=https%3A%2F%2Fsimpsonitos.blog%2F&psid=17585302
302 Found 0 B URL HTTP/1.1 jennyvisits.com/dyfc1k09?shu=4bba2630cf7cc567b55cff4be584a7917225ff7749145b9b0b1cdb34093e486abdbbe42899a2aa0917c35c155e8aa29978f4f525066637b365974b6a4e0246a78675299d828d153ebbb1c6c6fe7be7b1fa527711e6753c498da6f07d3274a447db&pst=1675399818&rmtc=t&uuid=&pii=&in=false&key=863705bcbb4b6a554ddb359665395a6f&refer=https%3A%2F%2Fsimpsonitos.blog%2F&psid=17585302
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /dyfc1k09?shu=4bba2630cf7cc567b55cff4be584a7917225ff7749145b9b0b1cdb34093e486abdbbe42899a2aa0917c35c155e8aa29978f4f525066637b365974b6a4e0246a78675299d828d153ebbb1c6c6fe7be7b1fa527711e6753c498da6f07d3274a447db&pst=1675399818&rmtc=t&uuid=&pii=&in=false&key=863705bcbb4b6a554ddb359665395a6f&refer=https%3A%2F%2Fsimpsonitos.blog%2F&psid=17585302 HTTP/1.1
Host: jennyvisits.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jennyvisits.com/dyfc1k09?key=0f22c1fd609f13cb7947c8cabfe1a90d&submetric=16122660
Cookie: u_pl=16122660; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNjEyMjY2MCwiayI6Ijg2MzcwNWJjYmI0YjZhNTU0ZGRiMzU5NjY1Mzk1YTZmIiwic2lkIjoiMTc1ODUzMDIiLCJpc2lkIjoyLCJhc2lkIjoxLCJ6aWQiOjE0NjQxNSwicGlkIjo5NzI5OSwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjozLCJhaWQiOjI4LCJwdCI6NCwicGsiOiJkeWZjMWswOSIsInQiOjF9LCJ1Ijp7InUiOjEsImF1IjoxLCJkIjp7ImlkIjo5MDc1MzQ1NywiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjM4OTE0LCJvbiI6IldpbmRvd3MiLCJvdiI6IjEwLjAiLCJiaWQiOjEyMDYyNSwiYm4iOiJGaXJlZm94IiwiYnYiOiIxMDUuMCIsInd2IjpmYWxzZSwiZSI6ZmFsc2UsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjp0cnVlLCJyIjoiaHR0cHM6Ly9zaW1wc29uaXRvcy5ibG9nLyJ9fQ.hBe78rg8WwSRaPYWeLV0ebPGfYiFS2G8oFIQYBaUaqg; cjs=t
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
HTTP/1.1 302 Found
Server: nginx/1.19.5
Date: Fri, 03 Feb 2023 04:49:18 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Location: https://adserving.unibet.com/redirect.aspx?bid=37950&pid=15135578&sref=ADST&ADST=16122660
Set-Cookie: pdhtkv=true; expires=Sat, 04 Feb 2023 04:49:18 GMT
uncs=1; expires=Sat, 04 Feb 2023 04:49:18 GMT
pdhtkv28=true; expires=Sat, 04 Feb 2023 04:49:18 GMT
uncs28=1; expires=Sat, 04 Feb 2023 04:49:18 GMT
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: b5272f7dd4df310de0d33575297f5a43
Strict-Transport-Security: max-age=0; includeSubdomains
adserving.unibet.com/redirect.aspx?bid=37950&pid=15135578&sref=ADST&ADST=16122660
307 Temporary Redirect 0 B URL HTTP/2 adserving.unibet.com/redirect.aspx?bid=37950&pid=15135578&sref=ADST&ADST=16122660
IP
ASN #20940 Akamai International B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /redirect.aspx?bid=37950&pid=15135578&sref=ADST&ADST=16122660 HTTP/1.1
Host: adserving.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://jennyvisits.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 307 Temporary Redirect
content-type: text/html
content-length: 0
location: https://www.unibet.nu/stan/campaign.do?cmpId=2799402&affiliateId=1&unibetTarget=/nu/pop/sportsbook/multisports/index.html&targetDomain=https://welcome.unibet.com&btag=127656177_5A3024567DC14207978C21C877535B6F&sref=ADST&ADST=16122660&affiliateId=1&pid=68246908&bid=37950
p3p: CP="This is not a P3P policy! It is used to bypass IEs problematic handling of cookies"
x-aspnet-version: 4.0.30319
request-context: appId=cid-v1:83ffbda4-9458-475e-90ec-4427cfb5c3b0
access-control-expose-headers: Request-Context
expires: Fri, 03 Feb 2023 04:49:18 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Fri, 03 Feb 2023 04:49:18 GMT
set-cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a68246908%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1675399758900)%5c%2f%22%2c%22CookieTag%22%3a%223795068246908451240919C202323449%22%7d%5d; SameSite=None;; domain=.unibet.com; expires=Fri, 31-Dec-9999 23:59:59 GMT; path=/; secure
NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228774619669%7c1%22%7d%5d; domain=.unibet.com; expires=Sun, 03-Feb-3022 04:49:18 GMT; path=/; secure; SameSite=Strict
server-timing: cdn-cache; desc=MISS, edge; dur=27, origin; dur=59
X-Firefox-Spdy: h2
www.unibet.nu/stan/campaign.do?cmpId=2799402&affiliateId=1&unibetTarget=/nu/pop/sportsbook/multisports/index.html&targetDomain=https://welcome.unibet.com&btag=127656177_5A3024567DC14207978C21C877535B6F&sref=ADST&ADST=16122660&affiliateId=1&pid=68246908&bid=37950
301 Moved Permanently 0 B URL HTTP/2 www.unibet.nu/stan/campaign.do?cmpId=2799402&affiliateId=1&unibetTarget=/nu/pop/sportsbook/multisports/index.html&targetDomain=https://welcome.unibet.com&btag=127656177_5A3024567DC14207978C21C877535B6F&sref=ADST&ADST=16122660&affiliateId=1&pid=68246908&bid=37950
IP
ASN #47171 Unibet Services Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /stan/campaign.do?cmpId=2799402&affiliateId=1&unibetTarget=/nu/pop/sportsbook/multisports/index.html&targetDomain=https://welcome.unibet.com&btag=127656177_5A3024567DC14207978C21C877535B6F&sref=ADST&ADST=16122660&affiliateId=1&pid=68246908&bid=37950 HTTP/1.1
Host: www.unibet.nu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://jennyvisits.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
date: Fri, 03 Feb 2023 04:49:19 GMT
content-length: 0
location: https://www.unibet.nu:443/stan/redirecttocampaign.do?cmpId=2799402&affiliateId=1&unibetTarget=/nu/pop/sportsbook/multisports/index.html&targetDomain=https://welcome.unibet.com&btag=127656177_5A3024567DC14207978C21C877535B6F&sref=ADST&ADST=16122660&affiliateId=1&pid=68246908&bid=37950&landingPageUrl=https%3A%2F%2Fwelcome.unibet.com%2Fnu%2Fpop%2Fsportsbook%2Fmultisports%2Findex.html%3Fmktid%3D1%3A127656177%3A68246908-37950
set-cookie: JSESSIONID=node0ghxj37ss09ev1xtnq2u5wm95c1490997.node0; Path=/stan; Secure; HttpOnly; SameSite=Strict
__ucbt=node0ghxj37ss09ev1xtnq2u5wm95c; Path=/; Domain=.unibet.nu; Expires=Sun, 02-Feb-2025 04:49:19 GMT; Max-Age=63072000; Secure; SameSite=None
uniattr=ST.0.T; Path=/; Domain=.unibet.nu; Expires=Sun, 02-Feb-2025 04:49:19 GMT; Max-Age=63072000; Secure; SameSite=None
uniattr_ref="https://jennyvisits.com/"; Path=/; Domain=.unibet.nu; Expires=Sun, 02-Feb-2025 04:49:19 GMT; Max-Age=63072000; Secure; SameSite=None
UNIBET_REQUEST_URL=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
AFFILIATE_REQUEST_URL=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
UNIBET_INTERNAL_CAMPAIGN_ID=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
affid=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
netwid=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
CLAIM_CODE=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
REGISTRATION_CODE=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
campaignId=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
affiliateId=1; Path=/; Domain=.unibet.nu; Secure; SameSite=None
B-TAG=127656177_5A3024567DC14207978C21C877535B6F; Path=/; Domain=.unibet.nu; Secure; SameSite=None
REGISTRATION_CODE=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
BID=37950; Path=/; Domain=.unibet.nu; Secure; SameSite=None
PID=68246908; Path=/; Domain=.unibet.nu; Secure; SameSite=None
CHID=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
REFERER=https%3A%2F%2Fjennyvisits.com%2F; Path=/; Domain=.unibet.nu; Secure; SameSite=None
UNIBET_INTERNAL_CAMPAIGN_ID=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
UNIBET_REQUEST_URL=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
AFFILIATE_REQUEST_URL=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
AFFILIATE_CAMPAIGN_ID=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
PRODUCT_ID=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
AMS_INVITE_CHAT_ACCEPTED=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
AMS_INVITE_CHAT_DECLINED=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
BOCAID=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
AFFID=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
AFFILIATE_REQUEST_URL=https%3A%2F%2Fwww.unibet.nu%2Fstan%2Fcampaign.do%3FcmpId%3D2799402%26affiliateId%3D1%26unibetTarget%3D%2Fnu%2Fpop%2Fsportsbook%2Fmultisports%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.com%26btag%3D127656177_5A3024567DC14207978C21C877535B6F%26sref%3DADST%26ADST%3D16122660%26affiliateId%3D1%26pid%3D68246908%26bid%3D37950; Path=/; Domain=.unibet.nu; Secure; SameSite=None
AFFILIATE_CAMPAIGN_ID=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
campaignId=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
clientId=polopoly_desktop; Domain=www.unibet.nu; Path=/; SameSite=None; Secure
referer: https://jennyvisits.com/
cache-control: max-age=0, no-cache, no-store, must-revalidate, proxy-revalidate
expires: Thu, 01 Jan 1970 00:00:00 GMT, Fri, 03 Feb 2023 04:49:19 GMT
server: kindred-loadbalancer
strict-transport-security: max-age=63072000; preload
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-security-policy: default-src 'unsafe-inline' 'unsafe-eval' http: https: data: wss: blob: jockey: unibetpro: *;
x-browser-class: A
x-os-class: M
x-ooops-debug: /500-pages/www.unibet.nu/index.html
X-Firefox-Spdy: h2
www.unibet.nu/stan/redirecttocampaign.do?cmpId=2799402&affiliateId=1&unibetTarget=/nu/pop/sportsbook/multisports/index.html&targetDomain=https://welcome.unibet.com&btag=127656177_5A3024567DC14207978C21C877535B6F&sref=ADST&ADST=16122660&affiliateId=1&pid=68246908&bid=37950&landingPageUrl=https%3A%2F%2Fwelcome.unibet.com%2Fnu%2Fpop%2Fsportsbook%2Fmultisports%2Findex.html%3Fmktid%3D1%3A127656177%3A68246908-37950
301 Moved Permanently 0 B URL HTTP/2 www.unibet.nu/stan/redirecttocampaign.do?cmpId=2799402&affiliateId=1&unibetTarget=/nu/pop/sportsbook/multisports/index.html&targetDomain=https://welcome.unibet.com&btag=127656177_5A3024567DC14207978C21C877535B6F&sref=ADST&ADST=16122660&affiliateId=1&pid=68246908&bid=37950&landingPageUrl=https%3A%2F%2Fwelcome.unibet.com%2Fnu%2Fpop%2Fsportsbook%2Fmultisports%2Findex.html%3Fmktid%3D1%3A127656177%3A68246908-37950
IP
ASN #47171 Unibet Services Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /stan/redirecttocampaign.do?cmpId=2799402&affiliateId=1&unibetTarget=/nu/pop/sportsbook/multisports/index.html&targetDomain=https://welcome.unibet.com&btag=127656177_5A3024567DC14207978C21C877535B6F&sref=ADST&ADST=16122660&affiliateId=1&pid=68246908&bid=37950&landingPageUrl=https%3A%2F%2Fwelcome.unibet.com%2Fnu%2Fpop%2Fsportsbook%2Fmultisports%2Findex.html%3Fmktid%3D1%3A127656177%3A68246908-37950 HTTP/1.1
Host: www.unibet.nu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://jennyvisits.com/
Connection: keep-alive
Cookie: __ucbt=node0ghxj37ss09ev1xtnq2u5wm95c; uniattr=ST.0.T; uniattr_ref="https://jennyvisits.com/"; affiliateId=1; B-TAG=127656177_5A3024567DC14207978C21C877535B6F; BID=37950; PID=68246908; REFERER=https%3A%2F%2Fjennyvisits.com%2F; AFFILIATE_REQUEST_URL=https%3A%2F%2Fwww.unibet.nu%2Fstan%2Fcampaign.do%3FcmpId%3D2799402%26affiliateId%3D1%26unibetTarget%3D%2Fnu%2Fpop%2Fsportsbook%2Fmultisports%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.com%26btag%3D127656177_5A3024567DC14207978C21C877535B6F%26sref%3DADST%26ADST%3D16122660%26affiliateId%3D1%26pid%3D68246908%26bid%3D37950; clientId=polopoly_desktop
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 301 Moved Permanently
date: Fri, 03 Feb 2023 04:49:19 GMT
content-length: 0
location: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:68246908-37950&btag=127656177_5A3024567DC14207978C21C877535B6F&bid=37950&campaignId=2799402&pid=68246908
cache-control: max-age=0, no-cache, no-store, must-revalidate, proxy-revalidate
expires: Fri, 03 Feb 2023 04:49:19 GMT
server: kindred-loadbalancer
strict-transport-security: max-age=63072000; preload
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-security-policy: default-src 'unsafe-inline' 'unsafe-eval' http: https: data: wss: blob: jockey: unibetpro: *;
x-browser-class: A
x-os-class: M
x-ooops-debug: /500-pages/www.unibet.nu/index.html
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash b5c6eae7356c7c117d75d88d84420f61
ef1bf1756057d56ff2070537f5cff02827ced62b
96e9d535daeb01ba5cb4409ac40f2d74540db1505510a5ddbe9e9090ec772cc4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "96E9D535DAEB01BA5CB4409AC40F2D74540DB1505510A5DDBE9E9090EC772CC4"
Last-Modified: Fri, 03 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13223
Expires: Fri, 03 Feb 2023 08:29:42 GMT
Date: Fri, 03 Feb 2023 04:49:19 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash bbeb609cbf32a8842bf96a124588e65e
40c0f548bcb714731f62df5a27cad21adef0463d
502c60a18a13b84598933731d182aafd4b83576bfc56451b36f9238c621a571d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 04:49:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash bbeb609cbf32a8842bf96a124588e65e
40c0f548bcb714731f62df5a27cad21adef0463d
502c60a18a13b84598933731d182aafd4b83576bfc56451b36f9238c621a571d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 04:49:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js
200 OK 30 kB URL HTTP/2 ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js
IP
File type ASCII text, with very long lines (65451)
Hash 0f83cadc148d2ad7e53c91f6c4ee05bb
90035c5fffedf4b0f099465f6b929a030b46c92b
3f59aa77bbbed7760a9968af27d3c19ffddda021c948edf0bf0c0f828dd308ae
GET /ajax/libs/jquery/3.3.1/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 30399
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 01 Feb 2023 22:28:50 GMT
expires: Thu, 01 Feb 2024 22:28:50 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
age: 109229
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
a1s-cdn.unibet.com/unibet/bannerflow/scripts/master_tag.js
200 OK 956 B URL HTTP/2 a1s-cdn.unibet.com/unibet/bannerflow/scripts/master_tag.js
IP
ASN #47171 Unibet Services Limited
Hash fd48e87ecd4d06d9c5df490b91dc813e
a65a437db44444634e4f41732c590c1d14433b3f
2f786ae3f4577ed970f60aa7a9edf726300a740fdb360a8364db7ff4b7ca8e47
GET /unibet/bannerflow/scripts/master_tag.js HTTP/1.1
Host: a1s-cdn.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a68246908%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1675399758900)%5c%2f%22%2c%22CookieTag%22%3a%223795068246908451240919C202323449%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228774619669%7c1%22%7d%5d; btag=127656177_5A3024567DC14207978C21C877535B6F
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Fri, 03 Feb 2023 04:49:19 GMT
content-type: application/javascript
content-length: 956
last-modified: Mon, 25 Apr 2022 12:19:34 GMT
etag: "3bc-5dd7996cc0ce1"
cache-control: max-age=1800, public, must-revalidate
server: kindred-loadbalancer
strict-transport-security: max-age=63072000; preload
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-security-policy: default-src 'unsafe-inline' 'unsafe-eval' http: https: data: wss: blob: jockey: unibetpro: *;
x-browser-class: A
x-os-class: M
set-cookie: clientId=polopoly_desktop; Domain=a1s-cdn.unibet.com; Path=/; SameSite=None; Secure
accept-ranges: bytes
X-Firefox-Spdy: h2
welcome.unibet.com/nu/pop/sportsbook/multisports/1-background-black.jpg
200 OK 98 kB URL HTTP/2 welcome.unibet.com/nu/pop/sportsbook/multisports/1-background-black.jpg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1800x936, components 3\012- data
Hash 8e6d9af5ef1badfe9295b8fc96793c28
e37cdf4093dc0a47246be7360e7945f91991f073
de89de8196b23a00db8e35bca40fdb4253d970492a31396d5861c2e99d691407
GET /nu/pop/sportsbook/multisports/1-background-black.jpg HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/1-styles.css
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a68246908%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1675399758900)%5c%2f%22%2c%22CookieTag%22%3a%223795068246908451240919C202323449%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228774619669%7c1%22%7d%5d; btag=127656177_5A3024567DC14207978C21C877535B6F
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 03 Feb 2023 04:49:19 GMT
content-type: image/jpeg
content-length: 98453
access-control-allow-origin: *
cache-control: public, max-age=900, immutable
cf-bgj: h2pri
content-md5: jm2a9e8brf6Slbj8lnk8KA==
etag: "0x8DAFF991565B252"
last-modified: Thu, 26 Jan 2023 12:30:18 GMT
x-ms-blob-type: BlockBlob
x-ms-lease-state: available
x-ms-lease-status: unlocked
x-ms-request-id: 3cf155d6-101e-000d-3081-31dad6000000
x-ms-version: 2014-02-14
cf-cache-status: HIT
age: 58731
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 79388a122d011c0a-OSL
X-Firefox-Spdy: h2
welcome.unibet.com/nu/pop/sportsbook/multisports/Unibet_Pro_2020.woff2
200 OK 11 kB URL HTTP/2 welcome.unibet.com/nu/pop/sportsbook/multisports/Unibet_Pro_2020.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 10924, version 1.0\012- data
Hash 0ea5bcff84ae44840b6e9c9d12c8b963
6c827e1adb18775d2fdfbbbfef63cc9b66243ed2
b4e210ac58fe8fb176e24c58ffdbd0e7b40dded1314769dbcebdc413998b882b
GET /nu/pop/sportsbook/multisports/Unibet_Pro_2020.woff2 HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/1-styles.css
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a68246908%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1675399758900)%5c%2f%22%2c%22CookieTag%22%3a%223795068246908451240919C202323449%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228774619669%7c1%22%7d%5d; btag=127656177_5A3024567DC14207978C21C877535B6F
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 03 Feb 2023 04:49:19 GMT
content-type: font/woff2
content-length: 10924
cache-control: public, max-age=900, immutable
content-md5: DqW8/4SuRIQLbpydEsi5Yw==
last-modified: Thu, 26 Jan 2023 12:30:22 GMT
etag: "0x8DAFF991816B1DF"
x-ms-request-id: 17c1ab9c-c01e-0043-7481-31f45e000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 58723
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 79388a122d061c0a-OSL
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 9c45ea25709afbea416f215ee34611b0
117c52c0ee3ff15a2485c0b1e39cc12c7c2021ed
7fbc3c806c7fc6d70d70b55723dbbfc00698b14fcad55014218bc5e03e92a118
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 04:49:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
welcome.unibet.com/nu/pop/sportsbook/multisports/gambling-commission.png
404 Not Found 74 kB URL HTTP/2 welcome.unibet.com/nu/pop/sportsbook/multisports/gambling-commission.png
IP
File type XML 1.0 document text\012- XML document, Unicode text, UTF-8 (with BOM) text
Hash a782b7f4a5fe5cc5d38457b24194c952
a3f45626cd5ad0af4e5f3c8fc3ad76f722a73a8f
0d6104dd609087a3ebb006781c47a06f77445d11bbe2804ac9825537f932b499
GET /nu/pop/sportsbook/multisports/gambling-commission.png HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:68246908-37950&btag=127656177_5A3024567DC14207978C21C877535B6F&bid=37950&campaignId=2799402&pid=68246908
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a68246908%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1675399758900)%5c%2f%22%2c%22CookieTag%22%3a%223795068246908451240919C202323449%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228774619669%7c1%22%7d%5d; btag=127656177_5A3024567DC14207978C21C877535B6F
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
date: Fri, 03 Feb 2023 04:49:19 GMT
content-type: application/xml
x-ms-request-id: 156aa451-f01e-003a-498a-37087a000000
x-ms-version: 2014-02-14
access-control-allow-origin: *
cf-cache-status: HIT
age: 241
vary: Accept-Encoding
server: cloudflare
cf-ray: 79388a121cf71c0a-OSL
content-encoding: br
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash e3383a870b280d28b1d924543e6128af
0e9ccaf308e10ae68774fe0d32e10d063f379e7d
093a4523b327faf080d2d200d6e8d9e615abe6e048a72d70c3bc8e9f89cc50bf
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 04:49:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash e3383a870b280d28b1d924543e6128af
0e9ccaf308e10ae68774fe0d32e10d063f379e7d
093a4523b327faf080d2d200d6e8d9e615abe6e048a72d70c3bc8e9f89cc50bf
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 04:49:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
a1s.unibet.com/orval/tracking/lastclick.min.js
200 OK 17 kB URL HTTP/2 a1s.unibet.com/orval/tracking/lastclick.min.js
IP
ASN #47171 Unibet Services Limited
Hash eec4f89a7e8f59d9f82a053ceb92e571
4c68233736165e4bb7b261b5f263b736a4d29b76
1c39eed36bff4debd2edd699dd535fb49c625b1f077ed81c7847e90bfb714ac7
GET /orval/tracking/lastclick.min.js HTTP/1.1
Host: a1s.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a68246908%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1675399758900)%5c%2f%22%2c%22CookieTag%22%3a%223795068246908451240919C202323449%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228774619669%7c1%22%7d%5d; btag=127656177_5A3024567DC14207978C21C877535B6F
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Fri, 03 Feb 2023 04:49:19 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Fri, 05 Aug 2022 12:55:42 GMT
etag: W/"705-5e57dfbd5830d"
cache-control: max-age=1800, public, must-revalidate
content-encoding: gzip
server: kindred-loadbalancer
strict-transport-security: max-age=63072000; preload
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-security-policy: default-src 'unsafe-inline' 'unsafe-eval' http: https: data: wss: blob: jockey: unibetpro: *;
x-browser-class: A
x-os-class: M
set-cookie: clientId=polopoly_desktop; Domain=a1s.unibet.com; Path=/; SameSite=None; Secure
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash e3383a870b280d28b1d924543e6128af
0e9ccaf308e10ae68774fe0d32e10d063f379e7d
093a4523b327faf080d2d200d6e8d9e615abe6e048a72d70c3bc8e9f89cc50bf
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 04:49:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
welcome.unibet.com/widget/betslip/betslip.js
200 OK 20 kB URL HTTP/2 welcome.unibet.com/widget/betslip/betslip.js
IP
File type ASCII text, with very long lines (693)
Hash d0c5ebbc514a68bf3a876aff2a9eaf61
b1fce035a4366df5689f5c8b236e7387458a0bb8
c47a5c491e841ab17b24d09a66354028de2db7cc5bf73f023cfc37836e07d9ba
GET /widget/betslip/betslip.js HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:68246908-37950&btag=127656177_5A3024567DC14207978C21C877535B6F&bid=37950&campaignId=2799402&pid=68246908
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a68246908%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1675399758900)%5c%2f%22%2c%22CookieTag%22%3a%223795068246908451240919C202323449%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228774619669%7c1%22%7d%5d; btag=127656177_5A3024567DC14207978C21C877535B6F
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 03 Feb 2023 04:49:19 GMT
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=900, immutable
content-md5: V3DcYDl/+4NNEoCqe8670A==
last-modified: Tue, 15 Jan 2019 09:54:22 GMT
etag: W/"0x8D67ACF6D112CB5"
x-ms-request-id: 556a432d-701e-0079-3f03-03ee26000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 332204
vary: Accept-Encoding
server: cloudflare
cf-ray: 79388a11fcdf1c0a-OSL
content-encoding: br
X-Firefox-Spdy: h2
www.googletagmanager.com/gtm.js?id=GTM-PF2RVHC
200 OK 81 kB URL HTTP/2 www.googletagmanager.com/gtm.js?id=GTM-PF2RVHC
IP
File type ASCII text, with very long lines (62112)
Hash a4240b77e705ccf468f608e50479edd7
8db51e17b7609697c584d660a8abfaeb2c879f8f
05c6204e4b69788f7ffa36a1e2d22dcb34a721b433c4c5661aaa9abb20380e81
GET /gtm.js?id=GTM-PF2RVHC HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Fri, 03 Feb 2023 04:49:19 GMT
expires: Fri, 03 Feb 2023 04:49:19 GMT
cache-control: private, max-age=900
last-modified: Fri, 03 Feb 2023 03:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 81123
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash e3383a870b280d28b1d924543e6128af
0e9ccaf308e10ae68774fe0d32e10d063f379e7d
093a4523b327faf080d2d200d6e8d9e615abe6e048a72d70c3bc8e9f89cc50bf
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 04:49:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
200 OK 278 B IP
Hash a62fb196730dab6ac28eab662fcbbc25
6ebf23821a92ee8fb4b1b1407549cff3bcee7723
2509e4cd4cd3dc8149a22a79f78be468d1ca3649d4b58bbedf969019a177c619
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6178
Cache-Control: max-age=111611
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 04:49:19 GMT
Etag: "63db8b28-116"
Expires: Sat, 04 Feb 2023 11:49:30 GMT
Last-Modified: Thu, 02 Feb 2023 10:06:32 GMT
Server: ECS (ska/F706)
X-Cache: HIT
Content-Length: 278
ocsp.digicert.com/
200 OK 278 B IP
Hash a62fb196730dab6ac28eab662fcbbc25
6ebf23821a92ee8fb4b1b1407549cff3bcee7723
2509e4cd4cd3dc8149a22a79f78be468d1ca3649d4b58bbedf969019a177c619
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3472
Cache-Control: max-age=108905
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 04:49:19 GMT
Etag: "63db8b28-116"
Expires: Sat, 04 Feb 2023 11:04:24 GMT
Last-Modified: Thu, 02 Feb 2023 10:06:32 GMT
Server: ECS (ska/F718)
X-Cache: HIT
Content-Length: 278
secure.adnxs.com/seg?add=9755599
307 Redirection 0 B URL HTTP/1.1 secure.adnxs.com/seg?add=9755599
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /seg?add=9755599 HTTP/1.1
Host: secure.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Redirection
Server: nginx/1.21.3
Date: Fri, 03 Feb 2023 04:49:19 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Location: https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D9755599
AN-X-Request-Uuid: 4ea425b0-dd42-4b83-8319-07abba657469
Set-Cookie: uuid2=2470156982757913368; SameSite=None; Path=/; Max-Age=7776000; Expires=Thu, 04-May-2023 04:49:19 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
ocsp.digicert.com/
200 OK 471 B IP
Hash 376568ad565582b9a012526b079e1d15
8a3d0933e4ad5e6b4942abc856e2b06bd518cb86
8638da6b826ab2e28955fa6963b3fbac2fb85c937e5eb0e629b8a10b3e029498
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6108
Cache-Control: max-age=97162
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 04:49:20 GMT
Etag: "63db52fe-1d7"
Expires: Sat, 04 Feb 2023 07:48:42 GMT
Last-Modified: Thu, 02 Feb 2023 06:06:54 GMT
Server: ECS (ska/F706)
X-Cache: HIT
Content-Length: 471
script.crazyegg.com/pages/data-scripts/0012/9242/site/welcome.unibet.com.json?t=1
200 OK 365 B URL HTTP/2 script.crazyegg.com/pages/data-scripts/0012/9242/site/welcome.unibet.com.json?t=1
IP
File type JSON data\012- , ASCII text, with very long lines (704), with no line terminators
Hash 06bc780827f60094dff7e35de4f5eaee
d9115a54989fcae922973009e467d6096dd8ba7c
a025d668e610262f70614cb93da905b2de313e5cde081b9cc2684ac31373f64b
GET /pages/data-scripts/0012/9242/site/welcome.unibet.com.json?t=1 HTTP/1.1
Host: script.crazyegg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://welcome.unibet.com
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 03 Feb 2023 04:49:20 GMT
content-type: application/json
content-length: 365
access-control-expose-headers: CE-Version
ce-version: 11.5.22
cache-control: public, max-age=300, s-maxage=1209600
timing-allow-origin: *
last-modified: Thu, 02 Feb 2023 17:00:21 GMT
content-encoding: gzip
access-control-allow-origin: *
cf-cache-status: HIT
age: 42539
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 79388a144edfb4f4-OSL
X-Firefox-Spdy: h2
secure.adnxs.com/bounce?%2Fseg%3Fadd%3D9755599
200 OK 43 B URL HTTP/1.1 secure.adnxs.com/bounce?%2Fseg%3Fadd%3D9755599
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash 592ebefc7104d681d57852665e9ad514
15cdf8df32aa251dd6dd590a60bf9cf74474e7c5
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
GET /bounce?%2Fseg%3Fadd%3D9755599 HTTP/1.1
Host: secure.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://welcome.unibet.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Fri, 03 Feb 2023 04:49:20 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
AN-X-Request-Uuid: 9d4f605b-476f-482c-b6c1-4881d9baa83c
Set-Cookie: anj=dTM7k!M4/8CxrEQF']wIg2GVGoLM<B!]tbP6j2F-XstGt!@Dbu$n$G`; SameSite=None; Path=/; Max-Age=7776000; Expires=Thu, 04-May-2023 04:49:20 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
script.crazyegg.com/pages/scripts/0012/9242.js
200 OK 2.7 kB URL HTTP/2 script.crazyegg.com/pages/scripts/0012/9242.js
IP
File type ASCII text, with very long lines (6878), with no line terminators
Hash d5abf49db6d58a01ca56cdabb3fc7f42
3233c23c807e7141b02c9715b1414a811aca1b08
d20927167bd973a1230a2d3baaeaae24adc9da86bf59934a56d115359b36524a
GET /pages/scripts/0012/9242.js HTTP/1.1
Host: script.crazyegg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 03 Feb 2023 04:49:19 GMT
content-type: text/javascript
access-control-allow-origin: *
access-control-expose-headers: CE-Version
ce-version: 11.5.22
cache-control: public, max-age=300, s-maxage=1209600
cf-bgj: minify
cf-polished: origSize=6088
last-modified: Thu, 02 Feb 2023 17:00:20 GMT
timing-allow-origin: *
cf-cache-status: HIT
age: 42539
vary: Accept-Encoding
server: cloudflare
cf-ray: 79388a133e75b4f4-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 471 B IP
Hash 37fe709691877d51d3b945dd6d18bd6d
6e692fafe7fd368321adeb7028ffe86a40e9db89
71a6a4b35bda61cd61a949353bbf0d9d348c775d3620ac44c42b40a451a3bdb6
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6354
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 04:49:20 GMT
Last-Modified: Fri, 03 Feb 2023 03:03:26 GMT
Server: ECS (ska/F718)
X-Cache: HIT
Content-Length: 471
unibetlondonltd.d3.sc.omtrdc.net/id?d_visid_ver=4.4.0&d_fieldgroup=A&mcorgid=F431E3BC5593E3887F000101%40AdobeOrg&mid=63090900710772045653100878336060188866&ts=1675399789422
200 OK 2 B URL HTTP/2 unibetlondonltd.d3.sc.omtrdc.net/id?d_visid_ver=4.4.0&d_fieldgroup=A&mcorgid=F431E3BC5593E3887F000101%40AdobeOrg&mid=63090900710772045653100878336060188866&ts=1675399789422
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 99914b932bd37a50b983c5e7c90ae93b
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
GET /id?d_visid_ver=4.4.0&d_fieldgroup=A&mcorgid=F431E3BC5593E3887F000101%40AdobeOrg&mid=63090900710772045653100878336060188866&ts=1675399789422 HTTP/1.1
Host: unibetlondonltd.d3.sc.omtrdc.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Origin: https://welcome.unibet.com
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://welcome.unibet.com
access-control-allow-credentials: true
date: Fri, 03 Feb 2023 04:49:20 GMT
p3p: CP="This is not a P3P policy"
server: jag
vary: Origin
content-type: application/x-javascript;charset=utf-8
content-length: 2
cache-control: no-cache, no-store, max-age=0, no-transform, private
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 279 B IP
Hash be1f25e16da7c6ea4ee916ee312ad5e8
e6b000527e0bd611a706fbb306bc998575ce7257
b6c001ccd1951e0df93f10bd7b50b76402b36e2695a7485d9f028e4f8d59eb79
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1653
Cache-Control: max-age=118623
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 04:49:20 GMT
Etag: "63dbb83a-117"
Expires: Sat, 04 Feb 2023 13:46:23 GMT
Last-Modified: Thu, 02 Feb 2023 13:18:50 GMT
Server: ECS (ska/F706)
X-Cache: HIT
Content-Length: 279
ocsp.digicert.com/
200 OK 279 B IP
Hash be1f25e16da7c6ea4ee916ee312ad5e8
e6b000527e0bd611a706fbb306bc998575ce7257
b6c001ccd1951e0df93f10bd7b50b76402b36e2695a7485d9f028e4f8d59eb79
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4333
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 04:49:20 GMT
Last-Modified: Fri, 03 Feb 2023 03:37:07 GMT
Server: ECS (ska/F718)
X-Cache: HIT
Content-Length: 279
ocsp.digicert.com/
200 OK 279 B IP
Hash be1f25e16da7c6ea4ee916ee312ad5e8
e6b000527e0bd611a706fbb306bc998575ce7257
b6c001ccd1951e0df93f10bd7b50b76402b36e2695a7485d9f028e4f8d59eb79
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1653
Cache-Control: max-age=118623
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 04:49:20 GMT
Etag: "63dbb83a-117"
Expires: Sat, 04 Feb 2023 13:46:23 GMT
Last-Modified: Thu, 02 Feb 2023 13:18:50 GMT
Server: ECS (ska/F706)
X-Cache: HIT
Content-Length: 279
ocsp.sca1b.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP
Hash 8c94c7e326283ffcf1579151b5f5091d
9d17acbbdac6431aa5f55ade4991614cfb404bf3
3b15a0cee8a7848e9ba91bf6aefdc79419d1f0502930e1206c5705b7c2ba1bc2
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=119834
Date: Fri, 03 Feb 2023 04:49:20 GMT
Etag: "63dbc220-1d7"
Expires: Sat, 04 Feb 2023 14:06:34 GMT
Last-Modified: Thu, 02 Feb 2023 14:01:04 GMT
Server: ECS (nyb/1D29)
X-Cache: Miss from cloudfront
Via: 1.1 9d4a908d41124cba1276d6cef8f00c60.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: wy7_7Jypt0YjgP5GQ-dYXbj5cWXsdHP46sHGXZGFZhfN8OH8HC6HqQ==
Age: 330
script.crazyegg.com/pages/scripts/0012/9242.js?465388
200 OK 5.7 kB URL HTTP/2 script.crazyegg.com/pages/scripts/0012/9242.js?465388
IP
Hash 3265358abd3c4b4426f389a3ddac2d23
a2c1454a90eaa11c47436f0ff835bc56cafe5349
297063d7b10bb96312ff0737d20dd866864e36c4a97bd52459a29bb9420421d3
GET /pages/scripts/0012/9242.js?465388 HTTP/1.1
Host: script.crazyegg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 03 Feb 2023 04:49:19 GMT
content-type: text/javascript
access-control-allow-origin: *
access-control-expose-headers: CE-Version
ce-version: 11.5.22
cache-control: public, max-age=300, s-maxage=1209600
cf-bgj: minify
cf-polished: origSize=6088
last-modified: Thu, 02 Feb 2023 17:00:20 GMT
timing-allow-origin: *
cf-cache-status: HIT
age: 42539
vary: Accept-Encoding
server: cloudflare
cf-ray: 79388a133e74b4f4-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
unibet.demdex.net/dest5.html?d_nsid=0
200 OK 2.8 kB URL HTTP/1.1 unibet.demdex.net/dest5.html?d_nsid=0
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (550)
Hash ccbdcb1e84c241950763ec4cd516cdfc
55dfa8d4b09c5c3a80fcd101152f6ebed3d27a2c
de9ccb9b168945a24f20edc28c39be4135b328129ba8ee378401a7aedc925d12
GET /dest5.html?d_nsid=0 HTTP/1.1
Host: unibet.demdex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding: gzip
Content-Type: text/html;charset=UTF-8
date: Fri, 3 Feb 2023 04:49:20 GMT
DCS: dcs-prod-irl1-1-v045-0a637d725.edge-irl1.demdex.com 0 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
last-modified: Fri, 28 Oct 2022 11:02:56 GMT
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
vary: accept-encoding
X-TID: XM4jZ+GDTQk=
transfer-encoding: chunked
Connection: keep-alive
cm.everesttech.net/cm/dd?d_uuid=63052308296008539663100241932209689945
302 0 B URL HTTP/1.1 cm.everesttech.net/cm/dd?d_uuid=63052308296008539663100241932209689945
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /cm/dd?d_uuid=63052308296008539663100241932209689945 HTTP/1.1
Host: cm.everesttech.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302
Date: Fri, 03 Feb 2023 04:49:20 GMT
Content-Length: 0
Connection: keep-alive
Set-Cookie: everest_g_v2=g_surferid~Y9ySUAAAAJUgdwOJ; Domain=.everesttech.net; Expires=Sat, 03-Feb-2024 04:49:20 GMT; Path=/
everest_session_v2=Y9ySUAAAAJUgeAOJ; Domain=.everesttech.net; Path=/
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
Cache-Control: no-cache
Location: https://dpm.demdex.net/ibs:dpid=411&dpuuid=Y9ySUAAAAJUgdwOJ
Server: AMO-cookiemap/1.1
dpm.demdex.net/ibs:dpid=411&dpuuid=Y9ySUAAAAJUgdwOJ
302 Found 0 B URL HTTP/1.1 dpm.demdex.net/ibs:dpid=411&dpuuid=Y9ySUAAAAJUgdwOJ
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ibs:dpid=411&dpuuid=Y9ySUAAAAJUgdwOJ HTTP/1.1
Host: dpm.demdex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://welcome.unibet.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
DCS: dcscanary-prod-irl1-1-v052-0f73f706c.edge-irl1.demdex.com 0 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
Location: https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=411&dpuuid=Y9ySUAAAAJUgdwOJ
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
set-cookie: demdex=52304538393809556783535146865867850838; Max-Age=15552000; Expires=Wed, 02 Aug 2023 04:49:20 GMT; Path=/; Domain=.demdex.net; Secure; SameSite=None
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: LW+G1jF7QcA=
Content-Length: 0
Connection: keep-alive
dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=411&dpuuid=Y9ySUAAAAJUgdwOJ
200 OK 59 B URL HTTP/1.1 dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=411&dpuuid=Y9ySUAAAAJUgdwOJ
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash 1251cd5e5c2def4c046309375f87c1c1
e02d6b0c6a5c495c15985e2832e335eda8528c80
4e7010cc46fa361c88e57e3346d27421cf3b8a8bf5f39b43fc45997c60cb1c13
GET /demconf.jpg?et:ibs%7cdata:dpid=411&dpuuid=Y9ySUAAAAJUgdwOJ HTTP/1.1
Host: dpm.demdex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://welcome.unibet.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding: gzip
Content-Type: image/gif
DCS: dcs-prod-irl1-2-v045-0f45dc272.edge-irl1.demdex.com 0 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-TID: R8vvoRFkRrc=
Content-Length: 59
Connection: keep-alive
ads.themoneytizer.com/s/requestform.js?siteId=101661&formatId=44
200 OK 0 B URL HTTP/2 ads.themoneytizer.com/s/requestform.js?siteId=101661&formatId=44
IP
ASN #60068 Datacamp Limited
GET /s/requestform.js?siteId=101661&formatId=44 HTTP/1.1
Host: ads.themoneytizer.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://simpsonitos.blog/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 03 Feb 2023 04:49:14 GMT
content-type: text/html; charset=UTF-8
cache-control: max-age=604800
x-accel-expires: @1676004554
server: CDN77-Turbo
x-77-nzt: AblMCRTQDxmh
x-77-nzt-ray: af585630e5a8bf3a4a92dc63f5164726
x-cache: MISS
x-77-pop: stockholmSE
x-77-cache: MISS
content-encoding: gzip
X-Firefox-Spdy: h2
gum.criteo.com/sync?c=147&r=2&j=criteoCallback
200 OK 0 B URL HTTP/2 gum.criteo.com/sync?c=147&r=2&j=criteoCallback
IP
GET /sync?c=147&r=2&j=criteoCallback HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://simpsonitos.blog/
x-crto-bundle: mdmmIF9jNFV0azNxZWQ0aEN3ZkR5M0NYNHZRMjJiR1cwd2M0aW9JM0c4OFlYcVQyUWJJRk04ZUp5OUV5UnEwWnVhbm9lM0tLZDhYMVVRNXdpV1R5MDBSM1E4WUglMkJGVUVPcmtCMEptJTJGVGMwN2VmWHdpdjMxbzhzeVlRc2lnaG1ZTkolMkI5dw
Origin: https://simpsonitos.blog
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 03 Feb 2023 04:49:15 GMT
content-type: text/javascript; charset=utf-8
server: Kestrel
cache-control: private, max-age=3600
expires: 60
access-control-allow-credentials: true
access-control-allow-origin: https://simpsonitos.blog
server-processing-duration-in-ticks: 1365375
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
waaw.to/cdn-cgi/trace
404 Not Found 0 B IP
ASN #262254 DDOS-GUARD CORP.
GET /cdn-cgi/trace HTTP/1.1
Host: waaw.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://waaw.to/e/p6acn9UO0G9I?http_referer=https%3A%2F%2Fsimpsonitos.blog%2F
Cookie: uid=MTzxNySNynyqpECbm7Yu3S5zZBKcdPsg
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
server: ddos-guard
set-cookie: __ddg1_=X0vXfiJEnbeL3ZIeVInf; Domain=.waaw.to; HttpOnly; Path=/; Expires=Sat, 03-Feb-2024 04:49:16 GMT
date: Fri, 03 Feb 2023 04:49:16 GMT
content-type: text/html; charset=UTF-8
x-origin-location: /
x-cache-status-inferno: MISS
x-inferno-location: /
content-encoding: br
vary: Accept-Encoding
X-Firefox-Spdy: h2
unpkg.com/jquery.cookie@1.4.1/jquery.cookie.js
200 OK 0 B URL HTTP/2 unpkg.com/jquery.cookie@1.4.1/jquery.cookie.js
IP
GET /jquery.cookie@1.4.1/jquery.cookie.js HTTP/1.1
Host: unpkg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://waaw.to/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 03 Feb 2023 04:49:16 GMT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
last-modified: Sun, 27 Apr 2014 20:04:54 GMT
etag: W/"c31-MeG8xM+AWiwv7iH0je0eWY9koqg"
via: 1.1 fly.io
fly-request-id: 01G75513388K1MR4R8RW1AYXTV-fra
cf-cache-status: HIT
age: 18443257
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 793889fd8e4bb515-OSL
content-encoding: br
X-Firefox-Spdy: h2
welcome.unibet.com/nu/pop/sportsbook/multisports/1-main.js
200 OK 0 B URL HTTP/2 welcome.unibet.com/nu/pop/sportsbook/multisports/1-main.js
IP
GET /nu/pop/sportsbook/multisports/1-main.js HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:68246908-37950&btag=127656177_5A3024567DC14207978C21C877535B6F&bid=37950&campaignId=2799402&pid=68246908
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a68246908%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1675399758900)%5c%2f%22%2c%22CookieTag%22%3a%223795068246908451240919C202323449%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228774619669%7c1%22%7d%5d; btag=127656177_5A3024567DC14207978C21C877535B6F
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 03 Feb 2023 04:49:19 GMT
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=900, immutable
content-md5: BPxI3njL/F0VV+nfOZx3Mw==
last-modified: Thu, 26 Jan 2023 12:30:23 GMT
etag: W/"0x8DAFF99188E686E"
x-ms-request-id: fae4441f-101e-0040-4d81-31153a000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 58733
vary: Accept-Encoding
server: cloudflare
cf-ray: 79388a10fc591c0a-OSL
content-encoding: br
X-Firefox-Spdy: h2
welcome.unibet.com/nu/pop/sportsbook/multisports/icon-expert.svg
200 OK 0 B URL HTTP/2 welcome.unibet.com/nu/pop/sportsbook/multisports/icon-expert.svg
IP
GET /nu/pop/sportsbook/multisports/icon-expert.svg HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:68246908-37950&btag=127656177_5A3024567DC14207978C21C877535B6F&bid=37950&campaignId=2799402&pid=68246908
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a68246908%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1675399758900)%5c%2f%22%2c%22CookieTag%22%3a%223795068246908451240919C202323449%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228774619669%7c1%22%7d%5d; btag=127656177_5A3024567DC14207978C21C877535B6F
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 03 Feb 2023 04:49:19 GMT
content-type: image/svg+xml
cache-control: public, max-age=900, immutable
content-md5: Z4302O+bSqlX5UM92U+35A==
last-modified: Thu, 26 Jan 2023 12:30:21 GMT
etag: W/"0x8DAFF99174612EA"
x-ms-request-id: 82c2bcc2-201e-0029-1081-312c76000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 58732
vary: Accept-Encoding
server: cloudflare
cf-ray: 79388a111c861c0a-OSL
content-encoding: br
X-Firefox-Spdy: h2
gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fsimpsonitos.blog%2F&domain=simpsonitos.blog&cw=1&lsw=1
200 OK 0 B URL HTTP/2 gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fsimpsonitos.blog%2F&domain=simpsonitos.blog&cw=1&lsw=1
IP
OPTIONS /sid/json?origin=prebid&topUrl=https%3A%2F%2Fsimpsonitos.blog%2F&domain=simpsonitos.blog&cw=1&lsw=1 HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Referer: https://simpsonitos.blog/
Origin: https://simpsonitos.blog
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 03 Feb 2023 04:49:15 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: https://simpsonitos.blog
server-processing-duration-in-ticks: 221466
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
gum.criteo.com/sync?c=147&r=2&j=criteoCallback
200 OK 0 B URL HTTP/2 gum.criteo.com/sync?c=147&r=2&j=criteoCallback
IP
GET /sync?c=147&r=2&j=criteoCallback HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://simpsonitos.blog/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 03 Feb 2023 04:49:14 GMT
content-type: text/javascript; charset=utf-8
server: Kestrel
cache-control: private, max-age=3600
expires: 60
server-processing-duration-in-ticks: 480360
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
welcome.unibet.com/nu/pop/sportsbook/multisports/google-play-ro.svg
200 OK 0 B URL HTTP/2 welcome.unibet.com/nu/pop/sportsbook/multisports/google-play-ro.svg
IP
GET /nu/pop/sportsbook/multisports/google-play-ro.svg HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:68246908-37950&btag=127656177_5A3024567DC14207978C21C877535B6F&bid=37950&campaignId=2799402&pid=68246908
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a68246908%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1675399758900)%5c%2f%22%2c%22CookieTag%22%3a%223795068246908451240919C202323449%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228774619669%7c1%22%7d%5d; btag=127656177_5A3024567DC14207978C21C877535B6F
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 03 Feb 2023 04:49:19 GMT
content-type: image/svg+xml
cache-control: public, max-age=900, immutable
content-md5: 2fR27yW0b9kBp/ebW9u59A==
last-modified: Thu, 26 Jan 2023 12:30:22 GMT
etag: W/"0x8DAFF99184AD9A4"
x-ms-request-id: fa9ed380-a01e-0027-7f81-3105c6000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 58732
vary: Accept-Encoding
server: cloudflare
cf-ray: 79388a110c7d1c0a-OSL
content-encoding: br
X-Firefox-Spdy: h2
secure.quantserve.com/quant.js
200 OK 0 B URL HTTP/2 secure.quantserve.com/quant.js
IP
GET /quant.js HTTP/1.1
Host: secure.quantserve.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://simpsonitos.blog/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 03 Feb 2023 04:49:15 GMT
content-type: application/javascript
accept-ranges: bytes
cache-control: private, max-age=604800
content-encoding: gzip
etag: "j4o3/UzQJzEULY/aoGayAw=="
expires: Fri, 10 Feb 2023 04:49:15 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2
waaw.tv/watch_video.php?v=p6acn9UO0G9I
302 Found 0 B URL HTTP/2 waaw.tv/watch_video.php?v=p6acn9UO0G9I
IP
ASN #262254 DDOS-GUARD CORP.
GET /watch_video.php?v=p6acn9UO0G9I HTTP/1.1
Host: waaw.tv
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://simpsonitos.blog/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: ddos-guard
set-cookie: __ddg1_=0Xh2LvUyO0kVmpfEg22J; Domain=.waaw.tv; HttpOnly; Path=/; Expires=Sat, 03-Feb-2024 04:49:15 GMT
date: Fri, 03 Feb 2023 04:49:14 GMT
content-type: text/html; charset=UTF-8
x-robots-tag: 'none, noindex, nofollow, noarchive, nosnippet, noodp, notranslate, noimageindex'
x-content-type-options: nosniff
x-xss-protection: 1; mode=block;
expires: Fri, 03 Feb 2023 04:50:15 GMT
x-cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
location: https://waaw.to/watch_video.php?v=p6acn9UO0G9I&http_referer=https%3A%2F%2Fsimpsonitos.blog%2F
x-origin-location: player
cache-control: public, stale-if-error=30, max-age=30
x-cache-status-inferno: EXPIRED
x-inferno-location: player
x-inferno-limit-req: PASSED
content-encoding: br
vary: Accept-Encoding
X-Firefox-Spdy: h2
waaw.to/ad/api/popunder.js
200 OK 0 B URL HTTP/2 waaw.to/ad/api/popunder.js
IP
ASN #262254 DDOS-GUARD CORP.
GET /ad/api/popunder.js HTTP/1.1
Host: waaw.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://waaw.to/e/p6acn9UO0G9I?http_referer=https%3A%2F%2Fsimpsonitos.blog%2F
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
set-cookie: __ddg1_=lrDuuexxCIUHeoUw9Iwa; Domain=.waaw.to; HttpOnly; Path=/; Expires=Sat, 03-Feb-2024 04:49:16 GMT
date: Sun, 17 Jul 2022 16:41:23 GMT
content-type: application/javascript; charset=UTF-8
last-modified: Wed, 15 Sep 2021 14:06:22 GMT
etag: W/"6141fdde-15"
access-control-allow-origin: *
accessing-static: 1
cache-control: public, max-age=31536000, stale-while-revalidate=30, stale-if-error=30
pragma: cache
x-cache-status-inferno-s: HIT
x-inferno-location: static
accept-ranges: bytes
age: 17323718
ddg-cache-status: HIT,HIT
content-encoding: br
vary: Accept-Encoding
X-Firefox-Spdy: h2
welcome.unibet.com/nu/pop/sportsbook/multisports/icon-trust.svg
200 OK 0 B URL HTTP/2 welcome.unibet.com/nu/pop/sportsbook/multisports/icon-trust.svg
IP
GET /nu/pop/sportsbook/multisports/icon-trust.svg HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:68246908-37950&btag=127656177_5A3024567DC14207978C21C877535B6F&bid=37950&campaignId=2799402&pid=68246908
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a68246908%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1675399758900)%5c%2f%22%2c%22CookieTag%22%3a%223795068246908451240919C202323449%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228774619669%7c1%22%7d%5d; btag=127656177_5A3024567DC14207978C21C877535B6F
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 03 Feb 2023 04:49:19 GMT
content-type: image/svg+xml
cache-control: public, max-age=900, immutable
content-md5: 9k4H3E55HXB5I94VinrUOQ==
last-modified: Thu, 26 Jan 2023 12:30:21 GMT
etag: W/"0x8DAFF99173FAB3F"
x-ms-request-id: af16bb2e-701e-0046-1c81-312685000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 58732
vary: Accept-Encoding
server: cloudflare
cf-ray: 79388a111c831c0a-OSL
content-encoding: br
X-Firefox-Spdy: h2
welcome.unibet.com/nu/pop/sportsbook/multisports/com-payments.svg
200 OK 0 B URL HTTP/2 welcome.unibet.com/nu/pop/sportsbook/multisports/com-payments.svg
IP
GET /nu/pop/sportsbook/multisports/com-payments.svg HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:68246908-37950&btag=127656177_5A3024567DC14207978C21C877535B6F&bid=37950&campaignId=2799402&pid=68246908
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a68246908%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1675399758900)%5c%2f%22%2c%22CookieTag%22%3a%223795068246908451240919C202323449%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228774619669%7c1%22%7d%5d; btag=127656177_5A3024567DC14207978C21C877535B6F
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 03 Feb 2023 04:49:19 GMT
content-type: image/svg+xml
cache-control: public, max-age=900, immutable
content-md5: vwb7ospRft2xzGDtJvR3WA==
last-modified: Thu, 26 Jan 2023 12:30:18 GMT
etag: W/"0x8DAFF9915D02464"
x-ms-request-id: 9ee27f41-c01e-000e-3881-313bb2000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 58731
vary: Accept-Encoding
server: cloudflare
cf-ray: 79388a111c8c1c0a-OSL
content-encoding: br
X-Firefox-Spdy: h2
cdn.bannerflow.com/resources/no-payments-44051ae6-a41f-42c3-8d89-751be3d4a42c.svg
200 OK 0 B URL HTTP/2 cdn.bannerflow.com/resources/no-payments-44051ae6-a41f-42c3-8d89-751be3d4a42c.svg
IP
GET /resources/no-payments-44051ae6-a41f-42c3-8d89-751be3d4a42c.svg HTTP/1.1
Host: cdn.bannerflow.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 03 Feb 2023 04:49:20 GMT
content-type: image/svg+xml
cache-control: public,max-age=604800
content-md5: eFf1+jVlHZeVusUSI4yq9A==
last-modified: Mon, 07 Dec 2020 10:23:00 GMT
etag: W/"0x8D89A9A12E2A33B"
x-ms-request-id: aecbdf5c-c01e-0126-115e-a51c52000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 434
vary: Accept-Encoding
server: cloudflare
cf-ray: 79388a15ce951c0a-OSL
content-encoding: br
X-Firefox-Spdy: h2
ads.themoneytizer.com/moneybile.js
200 OK 0 B URL HTTP/2 ads.themoneytizer.com/moneybile.js
IP
ASN #60068 Datacamp Limited
GET /moneybile.js HTTP/1.1
Host: ads.themoneytizer.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://simpsonitos.blog/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 03 Feb 2023 04:49:14 GMT
content-type: application/javascript
last-modified: Fri, 12 Mar 2021 17:07:19 GMT
expires: Fri, 03 Feb 2023 05:03:48 GMT
cache-control: max-age=86400, public, no-transform
pragma: public
x-accel-expires: @1675400628
server: CDN77-Turbo
x-77-nzt: AblMCRTDPiD/Fk4BAA
x-77-nzt-ray: af585630e5a8bf3a4a92dc6365969227
x-cache: HIT
x-age: 85526
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2
image2.pubmatic.com/AdServer/UCookieSetPug?ird=1&rd=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dpubmatic%26dsp_uid%3D%23PM_USER_ID%26fid%3Dd519f2e9-4f56-444d-a3fa-030d781bff8c
200 OK 0 B URL HTTP/2 image2.pubmatic.com/AdServer/UCookieSetPug?ird=1&rd=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dpubmatic%26dsp_uid%3D%23PM_USER_ID%26fid%3Dd519f2e9-4f56-444d-a3fa-030d781bff8c
IP
GET /AdServer/UCookieSetPug?ird=1&rd=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dpubmatic%26dsp_uid%3D%23PM_USER_ID%26fid%3Dd519f2e9-4f56-444d-a3fa-030d781bff8c HTTP/1.1
Host: image2.pubmatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://simpsonitos.blog/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 03 Feb 2023 04:49:15 GMT
content-type: text/html; charset=utf-8
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-store, no-cache, private
content-encoding: gzip
X-Firefox-Spdy: h2
welcome.unibet.com/nu/pop/sportsbook/multisports/1-styles.css
200 OK 0 B URL HTTP/2 welcome.unibet.com/nu/pop/sportsbook/multisports/1-styles.css
IP
GET /nu/pop/sportsbook/multisports/1-styles.css HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:68246908-37950&btag=127656177_5A3024567DC14207978C21C877535B6F&bid=37950&campaignId=2799402&pid=68246908
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a68246908%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1675399758900)%5c%2f%22%2c%22CookieTag%22%3a%223795068246908451240919C202323449%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228774619669%7c1%22%7d%5d; btag=127656177_5A3024567DC14207978C21C877535B6F
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 03 Feb 2023 04:49:19 GMT
content-type: text/css; charset=utf-8
cache-control: public, max-age=900, immutable
content-md5: zXkBqwBMviPPaK5rBIapmA==
last-modified: Thu, 26 Jan 2023 12:30:17 GMT
etag: W/"0x8DAFF9914DE94BB"
x-ms-request-id: 580bcb77-701e-0034-8081-3121ca000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 58727
vary: Accept-Encoding
server: cloudflare
cf-ray: 79388a10fc581c0a-OSL
content-encoding: br
X-Firefox-Spdy: h2
welcome.unibet.com/nu/pop/sportsbook/multisports/read_json.js
200 OK 0 B URL HTTP/2 welcome.unibet.com/nu/pop/sportsbook/multisports/read_json.js
IP
GET /nu/pop/sportsbook/multisports/read_json.js HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:68246908-37950&btag=127656177_5A3024567DC14207978C21C877535B6F&bid=37950&campaignId=2799402&pid=68246908
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a68246908%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1675399758900)%5c%2f%22%2c%22CookieTag%22%3a%223795068246908451240919C202323449%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228774619669%7c1%22%7d%5d; btag=127656177_5A3024567DC14207978C21C877535B6F
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 03 Feb 2023 04:49:19 GMT
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=900, immutable
content-md5: rGS1nJi75Qz2m2yY+jlYXA==
last-modified: Thu, 26 Jan 2023 12:30:23 GMT
etag: W/"0x8DAFF991898A021"
x-ms-request-id: e9253db8-601e-0075-8081-31792e000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 58727
vary: Accept-Encoding
server: cloudflare
cf-ray: 79388a10fc5a1c0a-OSL
content-encoding: br
X-Firefox-Spdy: h2
welcome.unibet.com/nu/pop/sportsbook/multisports/app-sports-icon.svg
200 OK 0 B URL HTTP/2 welcome.unibet.com/nu/pop/sportsbook/multisports/app-sports-icon.svg
IP
GET /nu/pop/sportsbook/multisports/app-sports-icon.svg HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:68246908-37950&btag=127656177_5A3024567DC14207978C21C877535B6F&bid=37950&campaignId=2799402&pid=68246908
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a68246908%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1675399758900)%5c%2f%22%2c%22CookieTag%22%3a%223795068246908451240919C202323449%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228774619669%7c1%22%7d%5d; btag=127656177_5A3024567DC14207978C21C877535B6F
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 03 Feb 2023 04:49:19 GMT
content-type: image/svg+xml
cache-control: public, max-age=900, immutable
content-md5: Lm+dv7pV36kTdto2PoEyYQ==
last-modified: Thu, 26 Jan 2023 12:30:22 GMT
etag: W/"0x8DAFF991835F51F"
x-ms-request-id: 1328b90b-701e-0024-5c81-31e4a2000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 58733
vary: Accept-Encoding
server: cloudflare
cf-ray: 79388a110c651c0a-OSL
content-encoding: br
X-Firefox-Spdy: h2
cdn.bannerflow.com/resources/18-plus-adbfd412-ffe0-4780-a5c3-1b540d6ceed3.svg
200 OK 0 B URL HTTP/2 cdn.bannerflow.com/resources/18-plus-adbfd412-ffe0-4780-a5c3-1b540d6ceed3.svg
IP
GET /resources/18-plus-adbfd412-ffe0-4780-a5c3-1b540d6ceed3.svg HTTP/1.1
Host: cdn.bannerflow.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 03 Feb 2023 04:49:20 GMT
content-type: image/svg+xml
cache-control: public,max-age=604800
content-md5: DtBEzXf8HuXNecd90Rx/1w==
last-modified: Fri, 27 Nov 2020 14:00:01 GMT
etag: W/"0x8D892DCBC244A27"
x-ms-request-id: f9c36029-201e-0105-665e-a57399000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 434
vary: Accept-Encoding
server: cloudflare
cf-ray: 79388a15be8b1c0a-OSL
content-encoding: br
X-Firefox-Spdy: h2
simpsonitos.blog/episodio/los-simpson-2x2/
200 OK 0 B URL HTTP/2 simpsonitos.blog/episodio/los-simpson-2x2/
IP
GET /episodio/los-simpson-2x2/ HTTP/1.1
Host: simpsonitos.blog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
date: Fri, 03 Feb 2023 04:49:14 GMT
content-type: text/html; charset=UTF-8
cf-ray: 793889ef9bdc0afa-OSL
cache-control: max-age=14400
last-modified: Fri, 03 Feb 2023 04:22:24 GMT
link: <https://simpsonitos.blog/wp-json/>; rel="https://api.w.org/"
strict-transport-security: max-age=0; includeSubDomains; preload
vary: Accept-Encoding
cf-cache-status: HIT
cf-apo-via: tcache
cf-edge-cache: cache,platform=wordpress
x-content-type-options: nosniff
x-powered-by: PHP/7.4.28
x-turbo-charged-by: LiteSpeed
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FCQsqNs7wMaLA7UD2VHr4uLGrb53GxrX9TgCo3G2KqSAnKtJy%2F1P8yssBTNspwhksqTSonyaouKz6aB0cy5%2BMEMnWihL4HiumFcwMisCySef1nADGXVdugltJ%2FwIoD%2BUCS8o"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ads.themoneytizer.com/s/gen.js?type=44
200 OK 0 B URL HTTP/2 ads.themoneytizer.com/s/gen.js?type=44
IP
ASN #60068 Datacamp Limited
GET /s/gen.js?type=44 HTTP/1.1
Host: ads.themoneytizer.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://simpsonitos.blog/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 03 Feb 2023 04:49:14 GMT
content-type: text/html; charset=UTF-8
cache-control: max-age=604800
x-accel-expires: @1675919624
server: CDN77-Turbo
x-77-nzt: AblMCRREdE//wksBAA
x-77-nzt-ray: af585630e5a8bf3a4a92dc633cfb1126
x-cache: HIT
x-age: 84930
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2
spl.zeotap.com/mapper.js?env=mWeb&eventType=pageview&zdid=1258
200 OK 0 B URL HTTP/2 spl.zeotap.com/mapper.js?env=mWeb&eventType=pageview&zdid=1258
IP
GET /mapper.js?env=mWeb&eventType=pageview&zdid=1258 HTTP/1.1
Host: spl.zeotap.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://simpsonitos.blog/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 03 Feb 2023 04:49:14 GMT
content-type: application/javascript
access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-origin: https://simpsonitos.blog
vary: Origin, Accept-Encoding
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 793889f47e2db500-OSL
content-encoding: br
X-Firefox-Spdy: h2
gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fsimpsonitos.blog%2F&domain=simpsonitos.blog&cw=1&lsw=1
200 OK 0 B URL HTTP/2 gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fsimpsonitos.blog%2F&domain=simpsonitos.blog&cw=1&lsw=1
IP
GET /sid/json?origin=prebid&topUrl=https%3A%2F%2Fsimpsonitos.blog%2F&domain=simpsonitos.blog&cw=1&lsw=1 HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Origin: https://simpsonitos.blog
Connection: keep-alive
Referer: https://simpsonitos.blog/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 03 Feb 2023 04:49:14 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://simpsonitos.blog
server-processing-duration-in-ticks: 951555
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
waaw.to/watch_video.php?v=p6acn9UO0G9I&http_referer=https%3A%2F%2Fsimpsonitos.blog%2F
200 OK 0 B URL HTTP/2 waaw.to/watch_video.php?v=p6acn9UO0G9I&http_referer=https%3A%2F%2Fsimpsonitos.blog%2F
IP
ASN #262254 DDOS-GUARD CORP.
GET /watch_video.php?v=p6acn9UO0G9I&http_referer=https%3A%2F%2Fsimpsonitos.blog%2F HTTP/1.1
Host: waaw.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://simpsonitos.blog/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: ddos-guard
set-cookie: __ddg1_=4awMl507XA1YM8DjgU6g; Domain=.waaw.to; HttpOnly; Path=/; Expires=Sat, 03-Feb-2024 04:49:15 GMT
date: Fri, 03 Feb 2023 04:49:16 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-robots-tag: 'none, noindex, nofollow, noarchive, nosnippet, noodp, notranslate, noimageindex'
x-content-type-options: nosniff
x-xss-protection: 1; mode=block;
expires: Fri, 03 Feb 2023 04:50:16 GMT
x-cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
x-origin-location: player
cache-control: public, stale-if-error=30, max-age=30
content-encoding: gzip
x-cache-status-inferno: MISS
x-inferno-location: player
x-inferno-limit-req: PASSED
X-Firefox-Spdy: h2
welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:68246908-37950&btag=127656177_5A3024567DC14207978C21C877535B6F&bid=37950&campaignId=2799402&pid=68246908
200 OK 0 B URL HTTP/2 welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:68246908-37950&btag=127656177_5A3024567DC14207978C21C877535B6F&bid=37950&campaignId=2799402&pid=68246908
IP
GET /nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:68246908-37950&btag=127656177_5A3024567DC14207978C21C877535B6F&bid=37950&campaignId=2799402&pid=68246908 HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://jennyvisits.com/
Connection: keep-alive
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a68246908%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1675399758900)%5c%2f%22%2c%22CookieTag%22%3a%223795068246908451240919C202323449%22%7d%5d
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 03 Feb 2023 04:49:19 GMT
content-type: text/html; charset=utf-8
cache-control: public, max-age=900, immutable
content-md5: djoKeCzytkLU3NSdQsOPbQ==
last-modified: Thu, 26 Jan 2023 12:30:17 GMT
x-ms-request-id: 8b1b73e7-701e-0034-0d8a-3721ca000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: MISS
vary: Accept-Encoding
set-cookie: btag=127656177_5A3024567DC14207978C21C877535B6F;max-age=2592000; domain=.unibet.com;path=/;secure;samesite=none;httponly
server: cloudflare
cf-ray: 79388a0efbbf1c0a-OSL
content-encoding: br
X-Firefox-Spdy: h2
welcome.unibet.com/nu/pop/sportsbook/multisports/favicon.ico
200 OK 0 B URL HTTP/2 welcome.unibet.com/nu/pop/sportsbook/multisports/favicon.ico
IP
GET /nu/pop/sportsbook/multisports/favicon.ico HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:68246908-37950&btag=127656177_5A3024567DC14207978C21C877535B6F&bid=37950&campaignId=2799402&pid=68246908
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a68246908%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1675399758900)%5c%2f%22%2c%22CookieTag%22%3a%223795068246908451240919C202323449%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228774619669%7c1%22%7d%5d; btag=127656177_5A3024567DC14207978C21C877535B6F
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 03 Feb 2023 04:49:19 GMT
content-type: image/x-icon
cache-control: public, max-age=900, immutable
content-md5: rS2fRBxmkqgGx7Qnuz5TbQ==
last-modified: Thu, 26 Jan 2023 12:30:17 GMT
etag: W/"0x8DAFF9914F4D898"
x-ms-request-id: e6735b96-c01e-0021-0381-313679000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 58724
vary: Accept-Encoding
server: cloudflare
cf-ray: 79388a12fd531c0a-OSL
content-encoding: br
X-Firefox-Spdy: h2
waaw.to/e/p6acn9UO0G9I?http_referer=https%3A%2F%2Fsimpsonitos.blog%2F
200 OK 0 B URL HTTP/2 waaw.to/e/p6acn9UO0G9I?http_referer=https%3A%2F%2Fsimpsonitos.blog%2F
IP
ASN #262254 DDOS-GUARD CORP.
GET /e/p6acn9UO0G9I?http_referer=https%3A%2F%2Fsimpsonitos.blog%2F HTTP/1.1
Host: waaw.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://waaw.to/watch_video.php?v=p6acn9UO0G9I&http_referer=https%3A%2F%2Fsimpsonitos.blog%2F
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
set-cookie: __ddg1_=1NHBvPgtpTDcMddl4pJ2; Domain=.waaw.to; HttpOnly; Path=/; Expires=Sat, 03-Feb-2024 04:49:16 GMT
date: Fri, 03 Feb 2023 04:49:16 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
x-robots-tag: 'none, noindex, nofollow, noarchive, nosnippet, noodp, notranslate, noimageindex'
x-content-type-options: nosniff
x-xss-protection: 1; mode=block;
p3p: policyref="http://www.example.com/w3c/p3p.xml", CP="CURa ADMa DEVa CONo HISa OUR IND DSP ALL COR"
link: <//waaw.to>; rel=preconnect; crossorigin, <//global.stun.twilio.com>; rel=dns-prefetch; crossorigin, <//counter.yadro.ru>; rel=preconnect; crossorigin, <//imasdk.googleapis.com>; rel=preconnect; crossorigin, <//stun2.l.google.com>; rel=dns-prefetch; crossorigin, <//unpkg.com>; rel=preconnect; crossorigin, <//mc.yandex.ru>; rel=preconnect; crossorigin, <//cdn.jsdelivr.net>; rel=preconnect; crossorigin, <//signal.netu.tv>; rel=dns-prefetch; crossorigin,<//wss.commentsengine.com>; rel=dns-prefetch; crossorigin, <//www.gstatic.com>; rel=preconnect; crossorigin, <//imasdk.googleapis.com>; rel=preconnect; crossorigin, <//storage.googleapis.com>; rel=preconnect; crossorigin, <//www.google.com>; rel=preconnect; crossorigin,<//deliver.vkcdnservice.com>; rel=preconnect; crossorigin, <//deliver.vkcdnservice.com>; rel=preconnect; crossorigin,<//vkcdnservice.appspot.com.storage.googleapis.com>; rel=preconnect; crossorigin, <//www.google.com>; rel=preconnect; crossorigin, <//www.recaptcha.net>; rel=preconnect; crossorigin, <//cdnjs.cloudflare.com>; rel=preconnect; crossorigin
pragma: no-cache
x-origin-location: player
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
content-encoding: gzip
x-cache-status-inferno: MISS
x-inferno-location: player
x-inferno-limit-req: PASSED
X-Firefox-Spdy: h2
unpkg.com/progressbar.js@1.1.0/dist/progressbar.min.js
200 OK 0 B URL HTTP/2 unpkg.com/progressbar.js@1.1.0/dist/progressbar.min.js
IP
GET /progressbar.js@1.1.0/dist/progressbar.min.js HTTP/1.1
Host: unpkg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://waaw.to/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 03 Feb 2023 04:49:16 GMT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
etag: W/"7315-VGu3QlAvqjb4wruVTC8CgYdmBAQ"
via: 1.1 fly.io
fly-request-id: 01F3YGTHVETVB9B7TG2TW5GR8F
cf-cache-status: HIT
age: 24710520
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 793889fd8e4db515-OSL
content-encoding: br
X-Firefox-Spdy: h2
welcome.unibet.com/custom.js
200 OK 0 B URL HTTP/2 welcome.unibet.com/custom.js
IP
GET /custom.js HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:68246908-37950&btag=127656177_5A3024567DC14207978C21C877535B6F&bid=37950&campaignId=2799402&pid=68246908
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a68246908%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1675399758900)%5c%2f%22%2c%22CookieTag%22%3a%223795068246908451240919C202323449%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228774619669%7c1%22%7d%5d; btag=127656177_5A3024567DC14207978C21C877535B6F
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 03 Feb 2023 04:49:19 GMT
content-type: application/javascript
content-md5: e/Aekt1V1fopj1X7y5r9MA==
last-modified: Tue, 29 Mar 2022 08:25:09 GMT
etag: W/"0x8DA115DA300B0C1"
x-ms-request-id: d013a120-f01e-003a-7703-03087a000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 332204
vary: Accept-Encoding
server: cloudflare
cf-ray: 79388a10fc5b1c0a-OSL
content-encoding: br
X-Firefox-Spdy: h2
welcome.unibet.com/nu/pop/sportsbook/multisports/gambling-commission.png
404 Not Found 0 B URL HTTP/2 welcome.unibet.com/nu/pop/sportsbook/multisports/gambling-commission.png
IP
GET /nu/pop/sportsbook/multisports/gambling-commission.png HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:68246908-37950&btag=127656177_5A3024567DC14207978C21C877535B6F&bid=37950&campaignId=2799402&pid=68246908
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a68246908%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1675399758900)%5c%2f%22%2c%22CookieTag%22%3a%223795068246908451240919C202323449%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228774619669%7c1%22%7d%5d; btag=127656177_5A3024567DC14207978C21C877535B6F
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
date: Fri, 03 Feb 2023 04:49:19 GMT
content-type: application/xml
x-ms-request-id: 156aa451-f01e-003a-498a-37087a000000
x-ms-version: 2014-02-14
access-control-allow-origin: *
cf-cache-status: HIT
age: 241
vary: Accept-Encoding
server: cloudflare
cf-ray: 79388a111c8b1c0a-OSL
content-encoding: br
X-Firefox-Spdy: h2
use.fontawesome.com/releases/v5.7.1/css/all.css
200 OK 0 B URL HTTP/2 use.fontawesome.com/releases/v5.7.1/css/all.css
IP
GET /releases/v5.7.1/css/all.css HTTP/1.1
Host: use.fontawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://welcome.unibet.com
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 03 Feb 2023 04:49:19 GMT
content-type: text/css
x-amz-id-2: Naym7hPmP6C6hux6VLJAAre0tbecqXaiQpMJaYu3vDn0x1vPpC32gtoDJkl7kXKmPPFbhKi1q5U=
x-amz-request-id: MZGFJRB14SZWS1MV
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified: Wed, 30 Jun 2021 15:45:37 GMT
etag: W/"7b1d7f457d056ace7b230b587b9f3753"
cache-control: max-age=31556926
cf-cache-status: HIT
age: 574549
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lfaY03d1CipQ7aKJbD0azrf%2FAwxcEFIFOTpxdxA4mpm3vKvHSGUr4IqlrkEcxauTm9uYhbEE1j4wwbcdXRZr1Qs5MrcJlH%2FsdeU2Q%2FQBcnAnD70KjZ%2FRbXxgYaKGHJ9ZyVZCU%2B0R"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 79388a11684406cd-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
welcome.unibet.com/nu/pop/sportsbook/multisports/unibet-logo.svg
200 OK 0 B URL HTTP/2 welcome.unibet.com/nu/pop/sportsbook/multisports/unibet-logo.svg
IP
GET /nu/pop/sportsbook/multisports/unibet-logo.svg HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:68246908-37950&btag=127656177_5A3024567DC14207978C21C877535B6F&bid=37950&campaignId=2799402&pid=68246908
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a68246908%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1675399758900)%5c%2f%22%2c%22CookieTag%22%3a%223795068246908451240919C202323449%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228774619669%7c1%22%7d%5d; btag=127656177_5A3024567DC14207978C21C877535B6F
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 03 Feb 2023 04:49:19 GMT
content-type: image/svg+xml
cache-control: public, max-age=900, immutable
content-md5: cw5jdwcrd9gLyjDZb7Y7Jw==
last-modified: Thu, 26 Jan 2023 12:30:18 GMT
etag: W/"0x8DAFF9915A7459F"
x-ms-request-id: e677fb13-901e-0061-5581-313141000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 58733
vary: Accept-Encoding
server: cloudflare
cf-ray: 79388a110c5e1c0a-OSL
content-encoding: br
X-Firefox-Spdy: h2
dnacdn.net/dna
200 OK 0 B IP
GET /dna HTTP/1.1
Host: dnacdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Cookie: browser_data=0XokpV80M0RITmhlJTJCZkMwOUJGQlhaMUN2czdKd1h4aUQzampQVmhwOEVYMzJPa0M3SjBIU2p2YyUyQmRCZkFFenJTaG9SOA
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 03 Feb 2023 04:49:16 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
set-cookie: browser_data=W71c-F80M0RITmhlJTJCZkMwOUJGQlhaMUN2czdKd1h4aUQzampQVmhwOEVYMzJPa0NIdUxHJTJGWk1kSWVaN0ppclRRN011eA; expires=Wed, 28 Feb 2024 04:49:17 GMT; domain=dnacdn.net; path=/; secure; samesite=none
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 262155
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
welcome.unibet.com/nu/pop/sportsbook/multisports/app-store-ro.svg
200 OK 0 B URL HTTP/2 welcome.unibet.com/nu/pop/sportsbook/multisports/app-store-ro.svg
IP
GET /nu/pop/sportsbook/multisports/app-store-ro.svg HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:68246908-37950&btag=127656177_5A3024567DC14207978C21C877535B6F&bid=37950&campaignId=2799402&pid=68246908
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a68246908%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1675399758900)%5c%2f%22%2c%22CookieTag%22%3a%223795068246908451240919C202323449%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228774619669%7c1%22%7d%5d; btag=127656177_5A3024567DC14207978C21C877535B6F
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 03 Feb 2023 04:49:19 GMT
content-type: image/svg+xml
cache-control: public, max-age=900, immutable
content-md5: epgiRapjJpA7DniTiF5C+w==
last-modified: Thu, 26 Jan 2023 12:30:22 GMT
etag: W/"0x8DAFF99183CF8FA"
x-ms-request-id: d4160c8c-201e-0016-7481-31e4d5000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 58732
vary: Accept-Encoding
server: cloudflare
cf-ray: 79388a110c6c1c0a-OSL
content-encoding: br
X-Firefox-Spdy: h2
welcome.unibet.com/nu/pop/sportsbook/multisports/utv-logo.svg
200 OK 0 B URL HTTP/2 welcome.unibet.com/nu/pop/sportsbook/multisports/utv-logo.svg
IP
GET /nu/pop/sportsbook/multisports/utv-logo.svg HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:68246908-37950&btag=127656177_5A3024567DC14207978C21C877535B6F&bid=37950&campaignId=2799402&pid=68246908
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a68246908%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1675399758900)%5c%2f%22%2c%22CookieTag%22%3a%223795068246908451240919C202323449%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228774619669%7c1%22%7d%5d; btag=127656177_5A3024567DC14207978C21C877535B6F
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 03 Feb 2023 04:49:19 GMT
content-type: image/svg+xml
cache-control: public, max-age=900, immutable
content-md5: QazcDvviTF55mXL/M8kCWQ==
last-modified: Thu, 26 Jan 2023 12:30:18 GMT
etag: W/"0x8DAFF99157C1D3C"
x-ms-request-id: ec6073d8-501e-0051-6881-318f8e000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 58733
vary: Accept-Encoding
server: cloudflare
cf-ray: 79388a110c621c0a-OSL
content-encoding: br
X-Firefox-Spdy: h2
welcome.unibet.com/nu/pop/sportsbook/multisports/icon-sports.svg
200 OK 0 B URL HTTP/2 welcome.unibet.com/nu/pop/sportsbook/multisports/icon-sports.svg
IP
GET /nu/pop/sportsbook/multisports/icon-sports.svg HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:68246908-37950&btag=127656177_5A3024567DC14207978C21C877535B6F&bid=37950&campaignId=2799402&pid=68246908
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a68246908%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1675399758900)%5c%2f%22%2c%22CookieTag%22%3a%223795068246908451240919C202323449%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228774619669%7c1%22%7d%5d; btag=127656177_5A3024567DC14207978C21C877535B6F
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 03 Feb 2023 04:49:19 GMT
content-type: image/svg+xml
cache-control: public, max-age=900, immutable
content-md5: Kch+tYuo05USS5JaESq1rA==
last-modified: Thu, 26 Jan 2023 12:30:21 GMT
etag: W/"0x8DAFF9917716257"
x-ms-request-id: 78c0b78e-401e-0000-7881-311202000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 58732
vary: Accept-Encoding
server: cloudflare
cf-ray: 79388a111c8a1c0a-OSL
content-encoding: br
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Roboto:300,400,500
200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Roboto:300,400,500
IP
GET /css?family=Roboto:300,400,500 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 03 Feb 2023 04:49:19 GMT
date: Fri, 03 Feb 2023 04:49:19 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
X-Firefox-Early-Data: accepted
104.21.60.197
81.17.55.113
188.114.99.234
212.83.160.162
23.36.77.48
185.64.190.80
54.230.111.47
52.212.11.14
185.89.210.153
85.184.96.0
190.115.19.71
185.76.9.25